Re: [cobalt-users] telnet access to users?

[Jeff Lasman <jblists@xxxxxxxxxxxxx>]

At 10:16 AM 1/20/00  Kris Dahl wrote:

> This is my whole point really.  I'm not worried about the casual user.  I'm
> worried about the hard core guy that is going to get in one way or another.
> Any of these 'precautions' seem silly to me, because they WILL find a way to
> get into your system if they really want.

When I started in the Internet business, in 1994 (I'd been playing in it 
for a few years previously), I did it with a simple account on someone 
else's box running linux v0.99.  I had telephone line access (not telnet, I 
ran a terminal package through a modem).  When I started reselling I got my 
own box, put it in my spare bedroom, got a flat-rate ISDN line at my home, 
got an ISDN line at his office (I paid for both) and paid him $70/month 
additional.  I ran PPP, so did he, and I sold space on my server, 10 
megabytes (which no one ever used, most sites being well under a megabyte 
in those days) for $30/month.  I made enough to retire the first time the 
middle of 1995.

But times are different now.  I no longer even consider telnet 
access.  Anyone who wants to get the "feel" of linux should just get his 
own linux software and his own cheap pc.  Anyone who needs to do things on 
a server that can only be done through telnet should get their own box.

They're cheap enough.

> There is nothing wrong with people being able to 'snoop' around a server.

Not true since people have become malicious.  For how many years did the 
recently disclosed majordomo hole exist?  How many others like it are 
currently on your box?

You're obviously NOT an ISP.  Most ISPs will eventually get hacked.  We 
haven't been yet; we only opened for business the first of this year 
<smile>.  But we expect to be.  Make it hard.  Not easy.

> Typically, you aren't able to read stuff that is in other users directory
> unless its world readable.  There is nothing wrong with the ablitity to look
> at config files, etc. on the server--I have numerous times caught a mistake
> in a configuration and notified the sysadmin.  Saves me time, cause I don't
> have to wait for the admin to figure out why its not working--I can tell
> him/her.

Good for you.  You're honest.  Others aren't.  Even the culture of the 
Internet isn't pro-honestly.  FREE KEVIN is a wonderful concept.  But Kevin 
really did something, you know.

> Personally, I have been getting really turned off of the whole leased/shared
> server bit.  Its getting SO inexpensive to own and operate your own server
> that it really starts to make sense.

Exactly.  So if you need telnet, get your own, disable telnet, and install SSH.

> If its a small-medium site, you can
> host it on a standard DSL line for less that $100 / mo.

Sounds low.  Here in Southern California, the lowest-cost "business-class" 
dsl connection I can get is 160 kbps for us$99/month (that's my selling 
price).  With five usable IP#s.  Yes, there are lower classes of service, 
with and without static IP#s, with and without contracts that allow 
servers.  But let's talk being professional here.  Let's not cheat by 
buying an aDSL line designed for home use and putting a server on it.  That 
won't work in the long run anyway; too much bandwidth aggregation first hop 
upstream.

> I can co-located on
> a 10MB network for less that $200 / mo (for like 5 gigs xfer).

Our selling price is a bit higher, but with a multiple DS-3 connection, and 
32 gigabytes of transfer.  We can throw in the RaQ2 with a 7 gig hard drive 
and 128 megs of ram for only a bit more.  Or a RaQ3 for not much more than 
that.

If you really want cheap, how about a 233mHz Pentium, 2 gigs hard drive, 32 
megabytes of ram, for only $150/month including 2 gigabytes of transfer 
<smile>.  I know a few ISPs that started that way <smile>.

> Its just
> doesn't make sense to share servers anymore (IMHO).

Agreed <smile>!

> I'm kinda excited about
> the Cursoe chips--think instead of having a virtual host, you have a real
> web server that is no larger than a 3.5" hard drive.  Cheap too.

That scares me a bit though; how can I compete costwise, and still make a 
living?

> I would really like to see cobalt get into the super-micro-server--single,
> dedicated host per site.  Single Board Computers, etc.

The lowest end RaQs do this admirably.

Jeff
--
Jeff Lasman, nobaloney.net
<jblists@xxxxxxxxxxxxx>
<www.nobaloney.net>, <www.mailtraqna.com>, <www.email-lists.com>