Re: (PM) remote monitoring

Christopher E. Brown (cbrown@denalics.net)
Fri, 10 Jul 1998 17:10:28 -0800 (AKDT)

On Fri, 10 Jul 1998, Jake Messinger wrote:

> On Fri, 10 Jul 1998, Jon Lewis wrote:
>
> > > similar problems? I'm also considering as an alternative to a dedicated box
> > > siting a linux box with a modem and a 4 port serial card at each location,
> > > but that's getting more and more pricey...
> >
> > You could probably do it with PM11's, but I'm leaning toward doing it with
> > Linux boxes. That way, that Linux box can be a caching DNS server, act as
> > primary or secondary radius server for the remote POP, and act as your
> > backdoor for dialing in when there's a problem.
>
> If you already have a linux box, then that is okay but I wouldn't set up a
> linux box JUST to do that because it is more complex, hackable, etc...

Depends on your definition of box. It is pretty hard to break into a
stripped system. We use several micro routers that boot from CD and only
allow ssh or serial console (either dialin or terminal) access. When a
box runs off of a 1 -> 20 meg read only disk (floppy boot to ramdisk, or
cdrom boot), has no compilers, user software, does not even include
in.telnetd, etc what can you break? Find a new ip stack bug and crash the
system, or break bind or sshd and get in, to do what? Rewrite a CD or
write protected floppy?

Linux, FreeBSD or whatever in a workstation configuration does not
make a suitable router/control box/whatever for a very simple reason, it
is in a workstation configuration.

----------------------------------------------------------------------------
Christopher E. Brown (CB421) <cbrown@denalics.net> +907 357-4970

First Law of System Requirements:
"Anything is possible if you don't know what you're talking about..."
----------------------------------------------------------------------------
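An added example, not part of the original message: a shell audit that checks a system image for the properties the reply describes (read-only root, no compilers, no in.telnetd, nothing offered through inetd). The function name `audit_stripped`, the directory list and the sample layout are assumptions made for illustration.

```shell
#!/bin/sh
# audit_stripped ROOT MOUNTS INETD   (hypothetical helper, constructed for this example)
#   ROOT   - directory holding the system image to inspect
#   MOUNTS - file in /proc/mounts format
#   INETD  - inetd.conf-style file
# Prints one FAIL line per finding; prints nothing when the image passes.
audit_stripped() {
    root=$1 mounts=$2 inetd=$3

    # 1. Root must be read-only. The last "/" entry is the effective mount
    #    (an initial "rootfs" line may precede it).
    opts=$(awk '$2 == "/" { print $4 }' "$mounts" | tail -n 1)
    case ",$opts," in
        *,ro,*) ;;
        *) echo "FAIL rootfs-not-readonly opts=${opts:-none}" ;;
    esac

    # 2. No compilers or build tools on the image.
    for tool in cc gcc g++ as ld make; do
        for dir in bin sbin usr/bin usr/sbin usr/local/bin; do
            if [ -e "$root/$dir/$tool" ]; then echo "FAIL build-tool /$dir/$tool"; fi
        done
    done

    # 3. in.telnetd must be absent from disk, not merely disabled.
    for dir in sbin usr/sbin usr/libexec; do
        if [ -e "$root/$dir/in.telnetd" ]; then echo "FAIL telnetd-binary /$dir/in.telnetd"; fi
    done

    # 4. Any enabled inetd service is a finding: access is meant to be
    #    ssh or serial console only.
    if [ -f "$inetd" ]; then
        awk '!/^[ \t]*(#|$)/ { print "FAIL inetd-service " $1 }' "$inetd"
    fi
    return 0
}

# Constructed sample: a writable root that still carries gcc and telnet.
demo=$(mktemp -d)
mkdir -p "$demo/usr/bin"; : > "$demo/usr/bin/gcc"
printf '/dev/hda1 / ext2 rw 0 0\n' > "$demo/mounts"
printf 'telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd\n' > "$demo/inetd.conf"
audit_stripped "$demo" "$demo/mounts" "$demo/inetd.conf"
rm -rf "$demo"
```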

