[rescue] Can someone do me a favor (fast 'net, CD-burner)

Sat Dec 20 18:07:57 CST 2003

On Tue, Nov 18, 2003 at 11:12:03AM -0600, Joshua Boyd wrote:
> > However, the stuff's been up for a couple of years, and, while the haxorz
> > hammer the firewall, I've never seen any indication that they have gotten a
> > single bit through it.  Of course, if they were _good_ at what they were
> > doing, I wouldn't see any evidence, I guess.
> 
> Directly connected to me means that any port of the machine is somehow
> directly exposed.  If the machine is behind a NAT, and the NAT isn't
> configured to forward ports to that machine, I consider it safe,
> otherwise I don't.  Maybe I'm paranoid or naive here, but that's my
> view. 
> 
> Actually for that matter, I wouldn't really want to connect anything
> other that NetBSD, OpenBSD, or Solaris, but that's largely to do with my
> familiarity of tightening them down and running them minimally.
> Although I have in the past forwarded just SSH through to linux
> machines.  Irix just doesn't inspire confidence in me in this area.

Actually the big question from my point of view is "are you going to
have lots of users with shell accounts"?  

If you were just going to run server-based apps like a web server,
etc. and not allow even SSH shell logins (but allow SCP) then Irix
would be fine after you turned off inetd and any local daemons that do
not listen exclusively to the loopback interface.  Otherwise, no IRIX
for you!

Cordially
-- 
+--------------------------------------------------+
| Patrick Giagnocavo, patrick at zill.net             |
| Zill.Net - OpenACS, Postgres, Web hosting        |
| OpenACS v4 shared server       $19.95/month      |
| Colocation w/50GB transfer     $99.00/month      |
| Managed servers (incl. system) $175/month        |
+--------------------------------------------------+