port-sparc: Re: NetBSD <-> OpenBSD

Subject: Re: NetBSD <-> OpenBSD
To: Peter Galbavy <peter@wonderland.org>
From: Per Gregers Bilse <bilse@EU.net>
List: port-sparc
Date: 07/03/1996 22:11:56
On Jul 3,  8:46, Peter Galbavy <peter@wonderland.org> wrote:
> On these points specifically; I think that in comparison to SunOS,
> NetBSD/sparc is "ready to go". It is when asking whether it is
> worth changing for changes sake rather than for a list of new
> features that you get.

Well, yes, sort of, I guess.  We had a couple of different versions
of 'current' running on some sun4c's a couple of month's ago, but
they didn't feel quite OK -- 7 bytes in FIFO queue, occasional
lock-ups when more than one disk was active, stuff like that.
Moreover, the SunOS machines we have are doing fine, and will
continue to do so for a while -- it's mostly in the corners of
network performance that SunOS is pushed, so they have been tuned
accordingly.  Plus of course disk I/O, but that is an eternal
problem.  But there will come a time when enough is enough, and we
will want to clean out the lot and have a clean slate.

> As for a reference machine, the *only* issue for a comapny like ours
> is the one you mention - that of the system being used for outward
> attacks. There must be a way of getting around this, and "vetting"
> the users before giving them IDs on the system ? Without going too far

This would be wide open to abuse, viz the mail spams from trial
accounts at various ISPs.  The only reasonably bomb-proof thing I can
think of is to firewall such a thing, and only allow incoming telnet,
and maybe ftp and some other stuff; nothing outgoing, effectively
meaning that only incoming TCP would be allowed.  Rather draconian,
but there seems little other choice.

> In fact, looking at where Per is based, how about jointly hosting
> them in Singel 540 ? (for those who do not understand the reference,

I'm not really sure how one would go about doing that, the machines
will obviously need to be located somewhere, with some network
connectivity.  Of course, they could be fitted out with an extra
ethernet, run gated, and be multihomed ... but a backdoor to our
machine room isn't on.

-- 
------ ___                        --- Per G. Bilse, Mgr Network Operations Ctr
----- /     /  /   __   ___  _/_ ---- EUnet Communications Services B.V.
---- /---  /  /  /  /  /__/  /  ----- Singel 540, 1017 AZ Amsterdam, NL
--- /___  /__/  /  /  /__   /  ------ tel: +31 20 6233803, fax: +31 20 6224657
---                           ------- 24hr emergency number: +31 20 421 0865
--- Connecting Europe since 1982  --- http://www.EU.net  e-mail: bilse@EU.net