LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 06-27-2012, 01:52 PM   #1
manuel19
Member
 
Registered: May 2010
Distribution: Fedora Core 8 (Werewolf)
Posts: 40

Rep: Reputation: 0
How to guarantee Server boot up 100% ALWAYS


I have installed to one of my customer a Firewall based on Linux fedora core 8.

The firewall server is running fine. At this day, the server have been working for 9 Days.

In the file: /etc/rc.d/rc.sysinit I add this lines:

/sbin/fsck -y
/sbin/fsck -y
/sbin/fsck -y
/sbin/fsck -u
/sbin/fsck -y

(5 times)

Using this config i believe i will always get Boot up in a 99.99%. (NEVER BOOT FAILS)

The hard disk is a Solid State disk. But this is NOT the point.

The point is that I don't want the firewall NEVER, NEVER fail on boot. But i know -->(ONLY Will FAIL if physical damage of the Solid state disk).

So, what you think? My 5 lines will do that?
What you think?

Note:* Do not recommend me have RAID's or other disk.
(I'm trying to avoid that)
 
Old 06-27-2012, 07:17 PM   #2
Slackyman
Member
 
Registered: Mar 2011
Location: Rome - Italy
Distribution: Slackware 13.1
Posts: 347

Rep: Reputation: 44
...and I want peace on earth!
Sorry but you cannot REALLY be sure (100%) it'll never fails.
I don't think that errors that cannot be recovered by the first fsck can be recovered on the second or third attempt.
One check can be enough.
 
Old 06-27-2012, 08:25 PM   #3
John VV
Guru
 
Registered: Aug 2005
Posts: 12,664

Rep: Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682
i there is NEVER 100%
except for the fact that 100% of the time there is NEVER 100%

ok that is out

Fedora 8
( the current fedora is 17 )
VERY BIG MISTAKE and one that people should be held CRIMINALLY LIABLE for ( yes in caps and bold ) -- think jail time

fedora 8 is VERY DEAD
It went END OF LIFE on 2009-01-07
Jan. 1 2009
YES 3.5 YEARS AGO

there have been NO security fixes to it in 3.5 YEARS
and there NEVER will be
Fedora 8 will NEVER have any updates, none- NEVER
every known AND FIXED security hole IS WIDE OPEN IN THE DEAD FEDORA 8


and people that install a unsupported ( and one that has been unsupported for 3+ YEARS ) should spent that amount of time IN JAIL

Yes in jail !!!

for something that has the BEST reputation for uptime and reliability
install the NOT FREE
RHEL 6.2
or the free rebuild
CentOS 6.2
 
Old 06-28-2012, 03:04 PM   #4
fogpipe
Member
 
Registered: Mar 2011
Distribution: Slackware 64 Current
Posts: 327

Rep: Reputation: 77
I have been using rox filer for years. Its blazing fast and gives you a desktop with shortcuts if you run it with
Code:
rox -pinboard
http://roscidus.com/desktop/ROX-Filer/
 
Old 06-29-2012, 06:21 AM   #5
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Quote:
Originally Posted by fogpipe View Post
I have been using rox filer for years. Its blazing fast and gives you a desktop with shortcuts if you run it with
Code:
rox -pinboard
http://roscidus.com/desktop/ROX-Filer/
How is this related to the firewall installation of the OP?
 
Old 06-29-2012, 06:24 AM   #6
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Quote:
Originally Posted by manuel19 View Post
I have installed to one of my customer a Firewall based on Linux fedora core 8.
Another option is to use m0n0wall, boot from CD and store the configuration on an USB stick. There is no disk necessary in the PC this way at all.
 
Old 06-29-2012, 12:38 PM   #7
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 138Reputation: 138
As John VV put in such ... interesting ... fashion , you are doing your customer a disservice and leaving yourself open to liability (through lack of due diligence) by using such an outdated system as the base for a security appliance.

You might try looking at something designed as a firewall such as pfsense which does a really good job. If you must use a regular distribution for the machine then at least use something a bit more current. While John VV's choices would not be my first pick, they are good ones that have a proven track record in a production environment, when properly maintained, and if you are already familiar with Fedora would offer an easy option.

Last edited by NyteOwl; 06-29-2012 at 12:39 PM. Reason: fixed typos
 
Old 06-29-2012, 02:43 PM   #8
John VV
Guru
 
Registered: Aug 2005
Posts: 12,664

Rep: Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682Reputation: 1682
Interesting fashion , well yes.

but people really should never put a operating system that is 3+ years out of date and has not had security fixes added in 3+ years
that is unless it IS a honeypot

as to CentOS in a terminal only install on thew world facing machine
it is very reliable and stable , uses SELinux

And well i am used to using the red hat family of OS's

there are other OS's for a outward facing server/ firewall
 
Old 06-29-2012, 02:57 PM   #9
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6
Posts: 1,408

Rep: Reputation: 433Reputation: 433Reputation: 433Reputation: 433Reputation: 433
Quote:
Originally Posted by John VV View Post
there are other OS's for a outward facing server/ firewall
freebsd springs to mind, that's what we use as a middle firewall on our production environment (Juniper SSG's for the front firewall) and CentOS for all other servers.
 
Old 06-29-2012, 03:30 PM   #10
jefro
Guru
 
Registered: Mar 2008
Posts: 11,086

Rep: Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362
Device makers offer hardware based firewalls that tend to have reliable up times. Get one from an enterprise level company.
 
Old 06-29-2012, 03:35 PM   #11
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux
Posts: 2,831
Blog Entries: 1

Rep: Reputation: 892Reputation: 892Reputation: 892Reputation: 892Reputation: 892Reputation: 892Reputation: 892
Quote:
Originally Posted by TenTenths View Post
freebsd springs to mind, that's what we use as a middle firewall on our production environment (Juniper SSG's for the front firewall) and CentOS for all other servers.
OpenBSD is the security conscious *BSD fork. I would use it instead of Fedora.

But a hardware Juniper (SSG 5 or XT or something) would be far more reliable and consume less space and power.
 
Old 06-29-2012, 04:28 PM   #12
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6
Posts: 1,408

Rep: Reputation: 433Reputation: 433Reputation: 433Reputation: 433Reputation: 433
Quote:
Originally Posted by szboardstretcher View Post
OpenBSD is the security conscious *BSD fork. I would use it instead of Fedora.

But a hardware Juniper (SSG 5 or XT or something) would be far more reliable and consume less space and power.
Indeed, as I say, we use both, the Juniper protects the "front door" and the OpenBSD protects the hallway
 
Old 07-03-2012, 10:39 PM   #13
fogpipe
Member
 
Registered: Mar 2011
Distribution: Slackware 64 Current
Posts: 327

Rep: Reputation: 77
Quote:
Originally Posted by Reuti View Post
How is this related to the firewall installation of the OP?

Beats the heck out of me My guess is that i had too many tabs open and hit the wrong button
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
/boot partition at 100% aolong Ubuntu 7 11-13-2009 08:11 AM
Hacker cashes in on djbdns' $1,000 security guarantee win32sux Linux - Security 17 03-13-2009 05:55 AM
LXer: Lenovo Introduces Money Back Guarantee on Linux, Windows Servers LXer Syndicated Linux News 0 11-13-2008 10:00 PM
How to design routing protocol for ad-hoc networks with time guarantee? ArthurHuang Linux - Networking 0 05-04-2006 11:03 PM


All times are GMT -5. The time now is 11:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration