[LUNI] Making a private network somewhat public.

Jason Rexilius jason at hostedlabs.com
Wed Dec 19 09:48:19 CST 2007 

You could mount one of them read-only, but to have both write you would 
have to run some kind of cluster filesystem to handle locking on the 
separate machines.


Eric Ellington wrote:
> Hurm... That sound a bit complicated. Why not put the USB drive into
> computer A and share it over the network with computer B?
> 
> On Dec 19, 2007 9:06 AM, Richard Reina <gatorreina at gmail.com> wrote:
>> Does anyone have an idea if spliting a USB flash key with a USB hub
>> would allow two pc's to simultaneously access the flash drive?
>>
>>
>>
>> On 12/13/07, Carey Tyler Schug <sqrfolkdnc at comcast.net> wrote:
>>> The original problem also stated "send reports over the internet".
>>>
>>> Doesn't sound like a continuous 24x7 kind of task.  Plug the web enabled
>>> computer into the internal network, create and send email, unplug.  Or,
>>> connect web enabled computer into internal network (only), create email,
>>> unplug and plug into www (or dial-up) and send email.  The exploit would
>>> have to be intelligent enough to work unsupervised and store-and-forward
>>> whatever it did.
>>>
>>> Also, If you want it, a 100% security solution.  Connect two serial
>>> ports together, with the internal computer configured as an output port
>>> and the web computer configured as input.  No amount of hacking on the
>>> web computer can affect the internal network, since it only WRITES to
>>> the connection.  This could be custom or some software unknown to me, or
>>> the internal computer could run a terminal emulator (via a script) to
>>> talk to a terminal session on the www, and create a file (in edit) and
>>> "type" the report into that computer, and close the file.
>>>
>>> Another 100% solution, more costly, but simpler.   Get some kind of
>>> shared storage with two separate connections, one for the web side and
>>> one for the internal side.  Write the report to disk from the internal
>>> side, read from web enabled side.   This could also be an automated tape
>>> (or writable DVD) library, perhaps more of them have dual porting than
>>> current disk arrays, and might be useful in its own right for backups
>>> (and maybe you already have a tape library?).  here are some examples of
>>> dual port SCSI disk arrays on ebay:
>>> http://cgi.ebay.com/HP-SFS20-Storage-Array-Enclosure-MSA20-with-Dual-Port_W0QQitemZ270196591601QQihZ017QQcategoryZ64072QQssPageNameZWDVWQQrdZ1QQcmdZViewItem
>>> http://cgi.ebay.com/HP-SFS20-Storage-Array-Enclosure-MSA20-with-Dual-Port_W0QQitemZ270196598912QQihZ017QQcategoryZ64072QQssPageNameZWDVWQQrdZ1QQcmdZViewItem
>>> There may be other shared storage solutions, but SAN connected via
>>> Ethernet *MAY* be susceptible to being compromised via commands sent
>>> over Ethernet.  I am much more confident that a SCSI connected storage
>>> array cannot be hacked into via SCSI commands, and even if it was, it
>>> could not attack your internal network that only talks to it via a SCSI
>>> interface.
>>>
>>> This last could be more general, the www computer could request a
>>> specific report which the internal network would then create for it.
>>> The other solutions tend to imply some fixed set of reports that go out
>>> on some fixed schedule.
>>>
>>> --
>>> Carey Tyler Schug
>>>
>>> --
>>> Linux Users Of Northern Illinois - Technical Discussion
>>> http://luni.org/mailman/listinfo/luni
>>>
>> --
>> Linux Users Of Northern Illinois - Technical Discussion
>> http://luni.org/mailman/listinfo/luni
>>
> 
> 
>

More information about the luni mailing list