[rescue] Replacing Linksys WRT54GS with a Netra T105

[Ray Arachelian]

gsm at mendelson.com wrote:
> And I'd prefer the opposite. I'd like a desktop like OSX, but don't want
> ZFS, Zones, a firewall and security to get in the way.
>
> IMHO ZFS belongs on a server (as do most files), a firewall at the
> connection to the "real world", and no real need for security.
> Of course, if I were in a real shop, and not just a small family, I'd
> need
> more security, but it would be almost all on the server, not on the
> workstations.
Zones are very useful on a desktop/laptop for security reasons.  Run
your web browser in a zone and you can avoid stuff running loose on your
files.  Whatever exploits are available would be contained to just that
zone and what it can access, and nothing else - even that's too much for
my taste.  Right now, you'd have to switch accounts, or attempt to run
the browsers chrooted.  I haven't tried running Firefox chrooted on OS X
in a while, but when I did try I never got it to work.

Server security is rarely an issue except for internet facing servers. 
The danger to a server is far more likely to come from the workstations
it serves than from the internet (except again, for anything internet
facing, which should be DMZ'ed off anyway.)

As for ZFS, snapshots, data integrity, compression, encryption, and all
the rest is quite nice on any kind of machine.  It's useful even on a
single hard drive in a notebook.

A local firewall on your desktop/laptop/workstation, being something you
yourself control is very useful and can prevent a lot of other security
issues, especially when you're traveling and using hotel wifi or whatever.

Just my $0.02.