Hi, I use CentOS as a firewall/proxy/webserver/fileserver in my small network. As the small-spec machine with CentOS is heavily loaded/used I can't afford downtime. 20 GB, pentium II with only 128 MB RAM. However I want to know the news on 4.5 is it due soon? Can I gain more by running CentOS 3.x range on such an old machine like mine? Will CentOS 5.0 mean you need a minimum of 512 RAM? What is the latest on this? Are there any addons for CentOS such as squidguard/dansguardian etc? that can assist in parental controls? ___________________________________________________________ All New Yahoo! Mail ? Tired of Vi at gr@! come-ons? Let our SpamGuard protect you. http://uk.docs.yahoo.com/nowyoucan.html
> > I use CentOS as a firewall/proxy/webserver/fileserver > in my small network. As the small-spec machine with > CentOS is heavily loaded/used I can't afford downtime. > 20 GB, pentium II with only 128 MB RAM. > > However I want to know the news on 4.5 is it due soon? > Can I gain more by running CentOS 3.x range on such an > old machine like mine? > > Will CentOS 5.0 mean you need a minimum of 512 RAM? > What is the latest on this? > > Are there any addons for CentOS such as > squidguard/dansguardian etc? that can assist in > parental controls? >If at all possible, upgrade your RAM to the maximum RAM for that machine if you do not wish to change boxes. It shouldn't be expensive. If your needs are changing significantly, move to a inexpensive yet quality Pentium 3 box - rh -- Robert - Abba Communications Computer & Internet Services (509) 624-7159 - www.abbacomm.net
On Fri, Dec 29, 2006 at 01:41:54PM +0000, Josh Donovan wrote:> Hi, > > I use CentOS as a firewall/proxy/webserver/fileserver > in my small network. As the small-spec machine with > CentOS is heavily loaded/used I can't afford downtime. > 20 GB, pentium II with only 128 MB RAM. > > However I want to know the news on 4.5 is it due soon? > Can I gain more by running CentOS 3.x range on such an > old machine like mine? > > Will CentOS 5.0 mean you need a minimum of 512 RAM? > What is the latest on this? > > Are there any addons for CentOS such as > squidguard/dansguardian etc? that can assist in > parental controls? >Not directly answering your question, but... You may wish to investigate one of the small standalone firewall distributions such as Smoothwall, IPCop, or m0n0wall (bsd-based). They will all easily run in 128mb, and are easy to configure. They are all easy to install. M0n0wall looks intriguing, I may give it a try here someday,... it runs from non-writable media such as a CD and saves config on a floppy. It can be run from a hard drive or a flash memory card of some sort too. The obvious advantage is that if someone cracks the machine they can't do any damage (to it, directly) because it's not writable. And you really shouldn't be running web- or file-servers on your firewall, the more stuff running on it the more opportunities you present for an evil person/entity to crack it. I'd suggest using one of the above then put another machine in a DMZ to do web server duty (if it is supposed to be externally visible-- otherwise put it on another machine INSIDE the firewall on the "green" (allegedly safe) network). I'm running Smoothwall Express 2.0 on my old K6-2/500 machine with 128MB of memory and a 3 or 4 gig drive. It just runs and runs and runs and doesn't come anywhere near using up all the memory. Before that box became available I ran it on things similar to P90 or AMD K5, both around 90-100 Mhz for several years with 64MB of ram and it ran just fine on those machines too. Fred -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- The eyes of the Lord are everywhere, keeping watch on the wicked and the good. ----------------------------- Proverbs 15:3 (niv) ----------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20061229/819ba186/attachment.sig>
Quoting fredex <fredex at fcshome.stoneham.ma.us>:> And you really shouldn't be running web- or file-servers on your firewall, > the more stuff running on it the more opportunities you present for an > evil person/entity to crack it.While this is generally good advice, for a small home network it is not always practical (which I guess Josh is running). I mean, how many machines you want running in your basement? I've got handfull of $20 machines in my basement currently. But that's just because I have a) a nice big basement and b) live in Manitoba, the place with cheapest electricity in North America. However, soon I'll (probably) have no basement at all, and will be in a place with probably the most expensive electricity in North America, and I'm seriously considering consolidating everything and bringing the count of "infrastructure" machines down to one. Virtualization might be a good tradeoff between security and comodity in this case. Two phisical networks (to inside and to outside) and one completely virtual network (for DMZ), with virtual machines performing the tasts of firewalls and servers. However it would require nice beefy box to run smoothly. And I'm not sure if I want to replace my $20 machines with $1000+ machine. I'd rather use that money to buy Civic Hybrid or Prius (Tesla car would be nice too, but it is a bit above my price range) and drive to work in carpool lanes ;-)
On Fri, 2006-12-29 at 10:37 -0500, fredex wrote:> On Fri, Dec 29, 2006 at 01:41:54PM +0000, Josh Donovan wrote: > > Hi, > > > > I use CentOS as a firewall/proxy/webserver/fileserver > > in my small network.<snip> ... > > 20 GB, pentium II with only 128 MB RAM. > > > > <snip>> Not directly answering your question, but... > > You may wish to investigate one of the small standalone firewall > distributions such as Smoothwall, IPCop, or m0n0wall (bsd-based). > They will all easily run in 128mb, and are easy to configure. > They are all easy to install. > > M0n0wall looks intriguing, I may give it a try here someday,... it runs > from non-writable media such as a CD and saves config on a floppy. It > can be run from a hard drive or a flash memory card of some sort too. > The obvious advantage is that if someone cracks the machine they can't > do any damage (to it, directly) because it's not writable. > > And you really shouldn't be running web- or file-servers on your firewall, > the more stuff running on it the more opportunities you present for an > evil person/entity to crack it. > > I'd suggest using one of the above then put another machine in a DMZ > to do web server duty (if it is supposed to be externally visible-- > otherwise put it on another machine INSIDE the firewall on the "green" > (allegedly safe) network). > > I'm running Smoothwall Express 2.0 on my old K6-2/500 machine with > 128MB of memory and a 3 or 4 gig drive. It just runs and runs and runs > and doesn't come anywhere near using up all the memory. Before that > box became available I ran it on things similar to P90 or AMD K5, both > around 90-100 Mhz for several years with 64MB of ram and it ran just > fine on those machines too.I second all Fred said. I have a 200MHz Pentium w/96MB running IPCop (1.11 now) and it just hums (eliminating fans would eliminate the "hums" too! :) But, I have also installed it (for test/backup) on my wife's discarded Aptiva w/ a real 486 and very little memory (I don't recall how much, whatever came from the factory... 32MB, 64MB, 128MB?). Also on an AMD 486 clone (x586?) 100MHz with 36MB of memory. Only differences observed seem related to half/full duplex nature of the NICs and raw speed. With my cable being in the "boonies" and a stock Toshiba cable model, good sites get me 600-700 kChars/sec on the Pentium, appx. 530K/sec on the AMD and 460K/sec on the Aptiva. With that in hand, Aleksandr's staple, $20 machinces, should fit in your scenario very nicely. Like him, I have a bunch of those (even some $10 ones - 386SX comes to mind). Find justification for their continued existence seems to be my biggest problem! :P> > Fred > <snip sig stuff>HTH -- Bill
On Fri, 2006-12-29 at 10:37 -0500, fredex wrote:> On Fri, Dec 29, 2006 at 01:41:54PM +0000, Josh Donovan wrote: > > Hi, > > > > I use CentOS as a firewall/proxy/webserver/fileserver > > in my small network.<snip>... 20 GB, pentium II with only 128 MB RAM. > > > ><snip>> Not directly answering your question, but... > > You may wish to investigate one of the small standalone firewall > distributions such as Smoothwall, IPCop, or m0n0wall (bsd-based). > They will all easily run in 128mb, and are easy to configure. > They are all easy to install. > > M0n0wall looks intriguing, I may give it a try here someday,... it runs > from non-writable media such as a CD and saves config on a floppy. It > can be run from a hard drive or a flash memory card of some sort too. > The obvious advantage is that if someone cracks the machine they can't > do any damage (to it, directly) because it's not writable. > > And you really shouldn't be running web- or file-servers on your firewall, > the more stuff running on it the more opportunities you present for an > evil person/entity to crack it. > > I'd suggest using one of the above then put another machine in a DMZ > to do web server duty (if it is supposed to be externally visible-- > otherwise put it on another machine INSIDE the firewall on the "green" > (allegedly safe) network). > > I'm running Smoothwall Express 2.0 on my old K6-2/500 machine with > 128MB of memory and a 3 or 4 gig drive. It just runs and runs and runs > and doesn't come anywhere near using up all the memory. Before that > box became available I ran it on things similar to P90 or AMD K5, both > around 90-100 Mhz for several years with 64MB of ram and it ran just > fine on those machines too.I second all Fred says. I have IPCop on 200MHz Pentium with 96MB. Runs steady and fast enough (good sites appx. 700K chars/sec. Cable and in the boonies responsible for that). I have also run it on my wifes discarded Aptiva (486 and 64MB? 32MB?) and my AMD "486 clone", x586 100MHz 36MB. Only difference is speed. Aptiva about 430K chars/sec, AMD about 510K chars/sec. Like Aleksandr, I'm loaded with old used ceapo machines too (386SX anyone?). If you can get a $20 machain (and one for backup?) you would be making a wise investment, IMO, by having a firewall-dedicated node separate from your "server/ws".> > Fred > <snip sig stuff>HTH -- Bill
On Fri, 2006-12-29 at 10:37 -0500, fredex wrote:> On Fri, Dec 29, 2006 at 01:41:54PM +0000, Josh Donovan wrote: > > Hi, > > > > I use CentOS as a firewall/proxy/webserver/fileserver > > in my small network. As the small-spec machine with > > CentOS is heavily loaded/used I can't afford downtime. > > 20 GB, pentium II with only 128 MB RAM. > > > > However I want to know the news on 4.5 is it due soon? > > Can I gain more by running CentOS 3.x range on such an > > old machine like mine? > > > > Will CentOS 5.0 mean you need a minimum of 512 RAM? > > What is the latest on this? > > > > Are there any addons for CentOS such as > > squidguard/dansguardian etc? that can assist in > > parental controls? > > > > Not directly answering your question, but... > > You may wish to investigate one of the small standalone firewall > distributions such as Smoothwall, IPCop, or m0n0wall (bsd-based). > They will all easily run in 128mb, and are easy to configure. > They are all easy to install. > > M0n0wall looks intriguing, I may give it a try here someday,... it runs > from non-writable media such as a CD and saves config on a floppy. It > can be run from a hard drive or a flash memory card of some sort too. > The obvious advantage is that if someone cracks the machine they can't > do any damage (to it, directly) because it's not writable. > > And you really shouldn't be running web- or file-servers on your firewall, > the more stuff running on it the more opportunities you present for an > evil person/entity to crack it. > > I'd suggest using one of the above then put another machine in a DMZ > to do web server duty (if it is supposed to be externally visible-- > otherwise put it on another machine INSIDE the firewall on the "green" > (allegedly safe) network). > > I'm running Smoothwall Express 2.0 on my old K6-2/500 machine with > 128MB of memory and a 3 or 4 gig drive. It just runs and runs and runs > and doesn't come anywhere near using up all the memory. Before that > box became available I ran it on things similar to P90 or AMD K5, both > around 90-100 Mhz for several years with 64MB of ram and it ran just > fine on those machines too. > > Fred > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos