[Malvern] Pc vs Routers

Stuart Parkington mrsparks_maillists at yahoo.com
Wed Nov 1 00:20:42 GMT 2006 

> I would disagree with the reliability argument that Stuart made. The 
> fewer moving parts the better for reliability. Something with no moving 
> parts will also be silent and likely use less power, which may or may 
> not be important to you.

Totally agree with the fewer MOVING parts. My box has no CD or floppy 
connected and the hard drive will be replaced with CF media/IDE Flash 
Memory module when I rebuild. My point was simply if one single 
component fails that component can just be replaced. With an single 
integrated device they are all (generally) mounted on the same pcb 
(especially on consumer grade devices).

Power is certainly becoming (or will shortly become) more of an issue 
for us all and thus will need to be considered in the final decision. 
I've been looking at producing some very low power, mini/nano-itx 
'home-brew' boxes as my 'next generation' server, firewall, bit torrent 
setup for exactly that reason. Even been toying with the idea of using 
12v car PCs and a DIY wind turbine!! How green would that be! :)


> To me this is one of the most important points. I very specifically 
> chose to use a non Linux OS in my firewall to give defence in depth. 
> Afterall, if you have a firewall for security it is a bit daft to have 
> it (potentially) vulnerable to the same bugs as the desktop machine you 
> are trying to protect. Insert line of dominoes analogy.

Understand that completely. It is exactly why our security bods at work 
(rightly) insist of a PIX on the external interface of a DMZ and a FW1 
on the internal. I have (previously) figured that there would be 
sufficient difference (and thus acceptable risk) between a dedicated 
Linux distro and a desktop distro, for my home network. Maybe I should 
look at a BSD based distro when I rebuild?

> At the moment I'm most intrigued by layer 2 firewalls. These things 
> don't have IP addresses, they essentially appear to be a piece of 
> Ethernet cable as far as the network is concerned. An Ethernet cable 
> that can reliably become unreliable, if you see what I mean.

Very intriguing indeed! Might have to take a look at layer 2 firewalls 
then. :)

Regards.
Stuart


-- 
---------------------------
Linux #423936  Ubuntu #4500
---------------------------
      'Narrf' on IRC
---------------------------

More information about the Malvern mailing list