|
by Senor Barborito 08/16/2003, 5:30pm PDT |
|
 |
|
 |
|
Well?
See, between every Windows/Linux machine V and I have, there is a Pentium 200MHz OpenBSD firewall that has, basically, one job. Every packet that comes in on the line, that wasn't a response to a packet sent out by one of the computers behind the firewall, is dropped. Not just 'sorry, this port firewalled', violation-of-RFC blackholed which means that you can't ping the firewall, let alone connect to the machines.
Almost all routers have this ability, and since MSBlaster can't connect to your network entirely without you specifically requesting it (which it has no funcationality/capability for) you're immune by default. This applies to most Internet worms in general. I'm approaching 4 years now since my last virus/worm/infection of any kind (the last one was when I ran Red Hat Linux and apparently got hacked (?), which was when I started getting into OpenBSD).
The site on the other hand, being run on OpenBSD, needs no external firewall - it basically replicates the functionality of the above AND a webserver AND the forum DB on a P3 700 192MB RAM machine.
The new machine for the site will be a Pentium4 1.7GHz/1GB RAM machine, but it's going to be shared with a slew of other accounts. Fortunately, we use about 10% of the proc of our current rig on average so we'll be fine.
My only concern is space.
--SB |
|
 |
|
 |
|
|
|
Is Fussbett still here? by Flurgendorf J. Creexul 08/15/2003, 5:04pm PDT 
Re: Is Fussbett still here? by Chairman Mao 08/15/2003, 5:10pm PDT
Re: Is Fussbett still here? by Flurgendorf J. Creexul 08/15/2003, 5:52pm PDT
Re: Is Fussbett still here? by whydirt, caltrops HALFLIFE2 08/15/2003, 6:14pm PDT
Mine just came back. by creativepig 08/15/2003, 7:00pm PDT
Checking in by Fussbett 08/15/2003, 7:07pm PDT
Re: Checking in by Flurgendorf J. Creexul 08/15/2003, 7:40pm PDT
Re: Checking in by Bill Dungsroman 08/15/2003, 8:05pm PDT
Re: Checking in by laudablepuss 08/15/2003, 8:13pm PDT
Re: Checking in by Flurgendorf J. Creexul 08/15/2003, 8:24pm PDT
Many datacenters/NOCs are extremely high-security for obvious reasons. NT by Senor Barborito 08/15/2003, 8:26pm PDT
BECAUSE THEY'RE HOLDING OVER 500 GIGS OF HOT HOT TRANSEXUAL PRON???????????????? NT by Tom-Foolery Constructor 08/16/2003, 3:48pm PDT
BREACH! BREACH! HACKER ALERT! WE'RE COMPROMISED! by The IT guy at ConED 08/16/2003, 4:27pm PDT
Blaster by Ice Cream Jonsey 08/16/2003, 4:40pm PDT
Is the Linksys blackholing all incoming traffic or not? by Senor Barborito 08/16/2003, 5:30pm PDT
Re: Is the Linksys blackholing all incoming traffic or not? by Ice Cream Jonsey 08/16/2003, 8:13pm PDT
You do indeed misunderstand info on IM and blackholing traffic by Senor Barborito 08/17/2003, 1:54am PDT
The above post is very long. by Fussbett 08/17/2003, 3:36am PDT
Yes by Senor Barborito 08/17/2003, 3:42am PDT
HAHAHAHAHAHAHAHAHAH NT by Entropy Stew 08/21/2003, 10:49am PDT
Re: You do indeed misunderstand info on IM and blackholing traffic by corax 08/17/2003, 9:05pm PDT
This is my problem by Senor Barborito 08/17/2003, 11:01pm PDT
Re: This is my problem by bastage 08/17/2003, 11:20pm PDT
It's useful because it creates a direct connection between two firewalled hosts by Senor Barborito 08/18/2003, 1:28am PDT
Re: It's useful because it creates a direct connection between two firewalled hosts by bastage 08/18/2003, 8:54am PDT
Don't use ACKs by Senor Barborito 08/21/2003, 11:17am PDT
Barbie's life strategy summed up in a single post header NT by Entropy Stew 08/21/2003, 2:33pm PDT
Funny. You bastard. Shit that really IS pretty funny. :( NT by Senor Barborito 08/21/2003, 6:23pm PDT
Simply: by Entropy Stew 08/17/2003, 4:28pm PDT
Better suggestion by Senor Barborito 08/17/2003, 5:38pm PDT
Like they said. by laudablepuss 08/17/2003, 5:51pm PDT
Odds are it's not enabled anyway .. by bastage 08/17/2003, 7:36pm PDT
Re: Odds are it's not enabled anyway .. by Ice Cream Jonsey 08/17/2003, 8:02pm PDT
Trillian's file-transfer abilities aren't worth the time it takes to spit on 'em NT by Senor Barborito 08/17/2003, 8:09pm PDT
So in other words I'd have to grab the actual AIM client .. by bastage 08/17/2003, 8:42pm PDT
What specific version is it ..? by bastage 08/17/2003, 8:53pm PDT
I'm going to continue answering my own questions. by bastage 08/17/2003, 9:19pm PDT
I'm using an older beta than that by Senor Barborito 08/17/2003, 9:52pm PDT
Re: I'm using an older beta than that by bastage 08/17/2003, 10:07pm PDT
Re: Is Fussbett still here? by Flurgendorf J. Creexul 08/15/2003, 7:43pm PDT
Hey you know what my favourite part of this whole blackout thing was? by creativepig 08/15/2003, 8:26pm PDT
BECAUSE THEY WOULD CERTAINLY TELL US IF IT *WAS* TERRORISTS!!!! NT by Senor Barborito 08/15/2003, 8:29pm PDT
Re: Hey you know what my favourite part of this whole blackout thing was? by I need clarification 08/15/2003, 9:15pm PDT
Re: Hey you know what my favourite part of this whole blackout thing was? by Fussbett 08/16/2003, 4:11am PDT
Re: Hey you know what my favourite part of this whole blackout thing was? by Entropy Stew 08/16/2003, 9:37am PDT
Re: Hey you know what my favourite part of this whole blackout thing was? by Bill Dungsroman 08/18/2003, 12:01pm PDT
Re: Hey you know what my favourite part of this whole blackout thing was? by laudablepuss 08/18/2003, 12:53pm PDT
Re: Hey you know what my favourite part of this whole blackout thing was? by whydirt 08/16/2003, 12:40pm PDT
|
|
