[Sussex] Tight File Server

Andy Smith andy at lug.org.uk
Fri Jul 13 02:34:42 UTC 2007


Hi,

On Thu, Jul 12, 2007 at 09:44:09AM +0100, Nic James Ferrier wrote:
> "Nico Kadel-Garcia" <nkadel at gmail.com> writes:
> 
> > As soon as you do *anything* CPU intensive, such as SSL access, SSH access,
> > virtual hosts,  serving more than a few users at a time, you're going to
> > start swapping like nobody's business. This is going to dog any noticeable
> > performance even worse than the slow CPU will. Like handcarving your own
> > doorknobs, it's usually easier and faster just to buy them or even salvage
> > them.
> 
> Hmmm... maybe the security could be done with just IP restriction?
> 
> If the risk is even relatively high (not national security, or vital
> competitive data) IP restriction could work at very low CPU/memory
> cost.

Without transport layer encryption (e.g. SSL, SSH, TLS etc.) any
machine on the LAN can snoop on any other machine on the LAN.
Perhaps that is not an issue if everyone on the LAN is to be able to
read everything on the fileserver, but also think about any visitors
to the office who may wish to plug in their laptops or join the
netork via wifi on their phones.

Also sending the data over the Internet in the clear is dangerous,
though presumably if they already have remote access then they
already have a VPN solution for that.

I am surprised that a couple of hundred pounds can't be found to get
a beefier server, since slow performance there will result in lost
productivity for everyone.

Cheers,
Andy

-- 
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.lug.org.uk/pipermail/sussex/attachments/20070713/9a657c4d/attachment.pgp 


More information about the Sussex mailing list