RE: [cobalt-users] Cobalt Questions (newbie)

[<rpaiz@xxxxxxxxxxxxxx>]

> As for the linksys router, I would like to remove this from
> my network and use the cobalt instead for firewall,NAT and
> routing.
>
> I agree that the raq seems better suited for my purposes from
> a management point (at least the virtual domains)
>
> If I go with a raq over the qube, are the missing components
> difficult to install/setup? Namely I would like to implement
> the following : Firewall/router, NAT, DHCP, and cross platform
> file share (although I'm sure this can be circumvented with ftp).

I'm not sure you see it, but I think there's a huge flaming gap in your
reasoning. Why not buy the RaQ, and continue using your Linksys for
firewall, NAT, and routing? Of course you'd also configure the packet
filter firewall on your RaQ to protect it, but the "missing" functions
are provided by a box you already own.

About the only thing you'd like to do is get a Net connection that has
at least two static IP addresses: one for the Linksys and one for the
RaQ. And yes, you really do want static addresses if you're going to set
up a webserver... what you pay monthly ($50, $75?) will more than be
made up in the grief you save yourself.

> Would moving up to an XTR for the BlueLinq service and
> built-in web-mail be beneficial ? I only ask, because
> the price is nearly double. I would imagine the updates
> for the OS are available via the web as well, so the only
> issue is the difficulty in setting up the web-mail system.

Warning: this opinion may be worth exactly what you just paid for it. I
recall you saying something about basically doing sites for friends and
family... something that may or may not provide income but isn't the
biggest deal in the world. Honestly, I'd try to go for a RaQ-2, which
you can find on Ebay or someone on-list will sell you. Since it and the
Qube-2 were both MIPS-based, the single OS Restore CD contains both
versions. So you can buy a Qube *and* a RaQ, depending on what you wish
to run at the time.

Of course, there's some pretty ancient software on that CD, so you're in
for a massive job of upgrading (BIND 4.9? My God...) Check out the
patches on the website, but I do believe that these will get you up to
most modern versions of software. In either case, you're definitely
settling for lesser boxes that will give you somewhat more work to make
into prime systems... but you're saving about $4,000 on hardware too.
Heck, buy this:

Linksys 2-Port Print Server with      $120
            4-Port 10/100 Switch
Qube2                                 $500
RaQ2                                  $800
24U Rack with wheels                  $300
APC Smart-UPS 2200 Rack-mount         $650
Serious PC with 2 Hard Drives       $1,200
                                    ======
                                    $3,570

...far less than the XTR, and you'll have more fun and learn more even
if you do more work. You'll also have a mini-NOC all set up. :)

IMHO, spending $5,000 on a server is not done unless you (a) have money
to burn or (b) you know you're going to get it back. Making assumptions
(yeah, I know) from your writing I don't think either is the case.

> Also is there any benefit to web caching for small scale sites ?

I think you've got this backwards. Web caching on a Qube is to cache all
the sites that *you* visit, so that retrieving them later is quicker
since you don't have to download everything each time. Same purpose as
your browser cache.

> Anyone care to recommend some good books (Linux setup/admin,
> apache, etc). I am an IT professional (WinNT,Novell,Mac), but
> very little Linux experience.

Oh, so many... for general coverage and getting you started, try RedHat
7.0 Unleashed, or Using RedHat 7.0, or one of those huge fat tomes like
that. Very useful thing. When you want more specific stuff, ask again.
(Not brushing you off, this is the best advice I have... and I bought
$400 worth of books when I was where you are just four months ago.)

> I feel this is something to learn. I played with the idea of
> using Win2000 w/ IIS and exchange for my server, since I can
> and have setup/maintained these systems, but really want to go
> the Linux/cobalt route as learning tool.

In that case I agree with myself on the advice given above. Buy a RaQ-2,
get the Restore CD, learn to do things the Cobalt way (somewhat
different than other ways) and you'll have a fully-functional server in
10 minutes that you can manage with your left pinky. Then set up the PC
shown above with two hard drives, and install Windows on one and Red Hat
Linux 7.0 on the other. Use that as your hard-core learning machine, and
learn the RedHat way, which is slightly different from the Cobalt way.
Maximum learning, less cost.

> I also realize the security question was a bit vague. I am
> aware that most systems are not secure, but there seemed to
> be MANY treads regarding security problems w/ cobalts in the
> archives. I got the impression security is very poor, or
> easily exploitable. If they are correctable, then not a
> problem.

Security on Cobalts *is* very poor out-of-the-box just like any other
Linux system, but less so than any out-of-the-box Windows system. And,
like other Linux boxes, fairly easy to secure.

However, too many people with *zero* knowledge buy Cobalts, and they
along with those who believe that Cobalt has a moral and legal
responsibility to provide a bulletproof box, all got caught with their
pants down. Many many Cobalts were hacked... IMHO, this does show some
weaknesses in Cobalt's updating/patching calendar but even more shows
the average level of sysadmin knowledge in the owners community. Not
saying those are bad people, just clearly not fully prepared to deal
with a Net-connected server.

--
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx <mailto:rpaiz@xxxxxxxxxxxxxx>