My boss at work has put me in charge of the 2U change out, he is going to replace the old board and cpu set with a dual zeon, currently he has fedora core 4 running blue quartz or better know as suns cobalt. primarily it will be a NS1 or "aka DNS", I beleve he wants to do some added extras like active directory for user accounts, but he didnt go into great detail about it, due to lack of discussion time, I had to many servers to do monthly maintaince on, so, doe anyone have a better solutution idea on something more stable/ lighter on resources/ more solid.....

I will post updates on what the full task of the 2U will be.

mmills

Well seeing how your boss didn't tell you what the specifics were its hard to give you advice.


My boss at work has put me in charge of the 2U change out, he is going to replace the old board and cpu set with a dual zeon, currently he has fedora core 4 running blue quartz or better know as suns cobalt


So are you just making hardware recommendations, or are you expected to implement the changes, install software, and do the configurations etc?


so, doe anyone have a better solutution idea on something more stable/ lighter on resources/ more solid.....


What are the current bottlenecks, how is the current server not servicing your needs? Once you figure that out you can then start to decide what changes need to be made.

the current functionallity of this machine will be DNS only, as far as right now....
:D

Well I setup both NS1 and NS2 at work, the reason he has decided to use fedore core 1 with the blue quartz interface is ease of use, altho I am a bit worried that both DNS machines are wide open on security issues, could someone direct me to a link on fedora terminal info so I can manually update it via terminal. I am more familiar with debain, I dont know much about rpm and redhat console language.

sudo apt-get install fedora info/home/hahaha.deb

matt

Why are we running Fedora Core 1? Why not Fedora Core 4? That's going to be more up to date, and you'll have more security patches out of the box.

Also, if we're just doing DNS, why not install something like FreeBSD on this machine? Get it up and running, no GUI, just BIND, SSH, CRON, and a logging daemon. If you want anything more, you could install an MTA to deliver timely status reports to a mailbox.

What are we looking at for firewalling these machines? Are they going to be available to the whole free world? If so, I'd definitely go with something you're comfortable with updating. If you're good with Debian, why not convince the boss to go with that? That's one of the best OSes I could recommend to use as a server that's going to "live in a closet", and not get touched, except for regular security updates.

addendum: Before anyone goes any further, I'm not turning this into a "my distro suggestion is better than yours" match-- I'm simply curious to know why they chose FC1, which is about 2 years old now.

dont scold me dude, I told him that fedora core 1 was as about as old as dirt, but he went over the whole bluequartz.org shpeel with me about how easy it will be for him to change setting on when Im not here to do it for him, blue quartz didnt do the update ver for fedoracore 4, I prefer debain, but until someone cracks his precious little ns1/ns2 machines he wont listen to me.

I agree debian with bind is the best way to go, and hey its job security for me, he hates linux, so this is a good starting point. as soon as we through them in the network, I will offer up ip addresses for all you local network guys to try and kill it, this way I will make my point, and security, a hardware router is all it has, he told me to disable the firewall....why?........not really sure.

matt

Yeah, let's not post those IP addresses-- that stuff's kind of illegal, so we shy away from that type of stuff. Oh, and I'm not scolding you-- I think it's pretty obvious the choice of distro wasn't yours.

What I would do, if I were you, is make sure that you've configured everything as securely as you possibly can. This may break the "gui" configuration that FC allows you to use, but consider creating the DNS server in a sandbox. That way, even is someone does crack you, then they won't be able to do too much damage.

You can keep an old system in use so long as it's properly secured. My router, for instance, is running NetBSD 1.6.2 but that joker's locked down.

What kind of hardware router are you running? Could you replace it with an OpenBSD machine, or some other system? At least you'd have control "at the valve" of who could get in, and who couldn't. Like I was asking earlier, are these machines meant to be publicly accessible, or do you just need certain clients on the internet to access them?

the hardware router is a d-link 8 port I think, we have 10mg bandwidth at work, ns1 and ns2 are being replaced, he is bound on ease of use, so netbsd and console is not going to fly with him, I like the bluequartz software except for the small fact of fedora core1, kinda old, but this is the only decient OS the company made the package for, me I would love to use it on debian, heck even ubuntu would be better than fedora core 1...................he asked me to crack ns1& 2 at work to prove to him that his solution isnt the better one, I offer that to anyone who wants to take a stab at it.

matt

they have a link for the application at ftp://bluequartz.org/pub/oss/1.4/CobaltQube3_OSS_1.4.tar.gz so that you can build it yourself, but I am not advanced yet, my boss likes ubuntu, I gave him one of my ship it cd's of 5.10, if I had 5.10 ISO with blue quartz built in I could convince him to change OS ver and distros

he told me if I could get a different version linux and got the build working I could beta test it and then through it in after all looks good.........