Comment Re:Buffalo (Score 2) 427
Some of them ship with dd-wrt preinstalled, if you go for those models then you can be sure of compatibility.
Some of them ship with dd-wrt preinstalled, if you go for those models then you can be sure of compatibility.
A small cheap UPS could keep something as low power as this running for a long time, brief power outages shouldn't pose a problem. And if you build it correctly, you shouldn't really need to reset it.
You can get the Mirabox, or one of its predecessors like the OpenRD or Dreamplug, all of which have dual GigE and some have a pcie slot and/or wifi too. They are only single core, but for a router that's more than adequate. I have 100mbit connectivity, the openrd can saturate the link just fine and the mirabox has a somewhat faster cpu.
Combined with a decent managed switch, you can use VLANs to get more interfaces. I have 2 WAN links which are vlanned and connected to the same physical nic, and several internal VLANs for different purposes.
I always prefer to have separate devices, i would be in a similar boat to you because the line enters the house in an awkward place. I have cat6 throughout the house, and an AP located about as centrally as it can be, but that still results in spotty service in one of the bedrooms and its unusable in the garage or the garden.
How are you supposed to go online to configure your router?
Surely you need to configure your router *before* you can get online?
Thats what happens if you buy proprietary junk... I have some much older hardware phones which support SIP, and they all still work.
So find a service provider who offers the same service, but does so using standard protocols like SIP or IAX, they won't care what client you use and you have a choice of hundreds. There are plenty of such providers out there.
Another question to ask is, why was someone at google looking at someone's personal email account?
Only it's quite easy to charge snowden with a crime, while the ethics of what he did and what he exposed can be questioned, from a purely legal standpoint he did commit a crime.
That's completely the wrong approach..
If your hosts aren't secure enough to be on the public internet, they shouldn't be on an internal network either. Many attacks come from the inside, and if you have a large number of insecure hosts hidden behind a border firewall then all it takes is one tiny hole and everything can come crashing down, as has happened many times in the past.
A firewall is not the ultimate answer, and nor should it be your only line of defense. If hosts are correctly configured, then a firewall won't actually improve security as the only services exposed on the host will be ones you intended to run and thus explicitly allowed through the firewall.
If ports are unused, then the hosts themselves will reject any traffic sent to them without the need of a firewall...
If the hosts are running services you don't want, then you haven't configured your hosts correctly and hiding poorly configured hosts behind a firewall is not the answer.
Assuming the servers are correctly configured and hardened, then a firewall is an additional layer - ie the ports allowed by the firewall will be those ports that you have explicitly opened on the server, nothing else should be present irrespective of what the firewall allows. Wether you then need one depends on your budget, your risk profile, wether you need to comply with any external requirements (like pci-dss) etc.
Personally i have many servers with no firewalls, because having a firewall would add additional hosting cost, additional point of failure, additional attack surface, additional latency, and the servers themselves don't run any services that aren't intended to be open to the internet (and thus everything thats running would be allowed by the firewall anyway).
The benefits of having a firewall in my case - an extra place for logs incase my host is compromised, and the ability to control outbound access if the host is compromised, are outweighed by the downsides. The chance of the host actually becoming compromised in the first place wouldn't be decreased by the addition of a firewall, but you'd have the additional risk that the firewall itself could be compromised.
Short term it may cost more, long term it should save a lot... As someone who fully expects to still be paying taxes in 10 years time, i welcome long term savings.
As for interoperability, they are the government... You either want their business (eg suppliers), or you have no choice (eg taxpayers)... If they require that you submit documents in ODF then that's what you do, or they will find other suppliers who will.
Security through obscurity is an accident waiting to happen... When you talk about a system that noone would bother trying to hack, consider the bitcoin exchange mtgox - it started off as a simple site for trading game cards, and initially bitcoins had very little value - there was very little interest in hacking it. Then pretty much over night bitcoin exploded in value, making it a very tempting target indeed.
Also when you talk about a power plant system, a one way link is the security, not the obscurity aspect.
A secure system is one where even those who know the system inside out cannot break into it.
Well another part of the problem is that bikes are also not registered... Cars have license plates which allow people to easily identify the vehicle, bikes do not, which means bike riders feel far more anonymous and able to get away with illegal activities.
Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.