Home internet server is old and insecure
October 28, 2005 11:32 AM
I have been PWNZORED by Russian spammers!
I bought a Gateway Microserver off eBay real cheap. It is a Gateway Branded Sun Qube 2 that I wanted so that I could run my own services out of my house, and learn a little server administration. Unfortunately, the interface (no disk drive, web based administration) is unusual, and official updates stopped coming out awhile back. The Apache 1.3 loaded was aparently no longer secure, and I had to shut it down at the request of my ISP. Is anyone running one of these boxes, and if so what are you doing to keep it secure and hopefully user friendly as it was intended to be?
It is going to sting if you tell me I am an idiot for trying this, without knowing more Linux or something, so let us not do that.
I bought a Gateway Microserver off eBay real cheap. It is a Gateway Branded Sun Qube 2 that I wanted so that I could run my own services out of my house, and learn a little server administration. Unfortunately, the interface (no disk drive, web based administration) is unusual, and official updates stopped coming out awhile back. The Apache 1.3 loaded was aparently no longer secure, and I had to shut it down at the request of my ISP. Is anyone running one of these boxes, and if so what are you doing to keep it secure and hopefully user friendly as it was intended to be?
It is going to sting if you tell me I am an idiot for trying this, without knowing more Linux or something, so let us not do that.
It appears I deserve a world of stinging. Could I let it run the OS as it stands now if I put it behind a more modern firewall?
posted by thirteen at 12:54 PM on October 28, 2005
posted by thirteen at 12:54 PM on October 28, 2005
Could I let it run the OS as it stands now if I put it behind a more modern firewall?
Absolutely not. That box is near criminal to have put online in the first place. It'd be like exclusively browsing porn sites with IE on an unpatched version of Windows 95, or waling into a bad part of town flashing wads of cash wearing only a kick-me sign and a dumb grin. You're asking for more trouble than you can imagine.
If you want to use that box you're going to need to wipe the OS and replace it with one of the alternatives. As I recall BlueQuartz was the one that was furthest along at being easy to use and install. I haven't bothered thinking about Cobalt boxes in at least two years.
My suggestion, if you'd like to learn how to use Linux and have a little server... use that Qube as a plant stand, buy a cheap box at Fry's and CentOS. CentOS gets you essentially the same OS you'd get from RedHat for $349/year for free, and you could easily find something at Fry's or another box store in the $200 range that you'll be running 5-10 years from now.
posted by togdon at 1:37 PM on October 28, 2005
Absolutely not. That box is near criminal to have put online in the first place. It'd be like exclusively browsing porn sites with IE on an unpatched version of Windows 95, or waling into a bad part of town flashing wads of cash wearing only a kick-me sign and a dumb grin. You're asking for more trouble than you can imagine.
If you want to use that box you're going to need to wipe the OS and replace it with one of the alternatives. As I recall BlueQuartz was the one that was furthest along at being easy to use and install. I haven't bothered thinking about Cobalt boxes in at least two years.
My suggestion, if you'd like to learn how to use Linux and have a little server... use that Qube as a plant stand, buy a cheap box at Fry's and CentOS. CentOS gets you essentially the same OS you'd get from RedHat for $349/year for free, and you could easily find something at Fry's or another box store in the $200 range that you'll be running 5-10 years from now.
posted by togdon at 1:37 PM on October 28, 2005
You have convinced me to retire the qube. I thank you for your advice.
posted by thirteen at 2:15 PM on October 28, 2005
posted by thirteen at 2:15 PM on October 28, 2005
Not so fast! As a recent owner of a Cobalt Qube 2, I can attest to the fact that it's possible to secure it, and it makes a nice, handy, low-power server.
I chose to run NetBSD on mine. The cobalt/mips port is actively maintained and it faithfully served as a DNS, mail, and web server, as well as a shell box, for over a year.
I decided that I could do the same thing with my Linksys WRT wireless router and OpenWrt, so I retired the qube, bought a NAS, and now have a shellbox/router/web, mail, and DNS server (with 300 Gigs of storage!) running in less than 1 cubic foot of space. Is it fast? Nope, but it doesn't have to be.
posted by aberrant at 4:38 PM on October 28, 2005
I chose to run NetBSD on mine. The cobalt/mips port is actively maintained and it faithfully served as a DNS, mail, and web server, as well as a shell box, for over a year.
I decided that I could do the same thing with my Linksys WRT wireless router and OpenWrt, so I retired the qube, bought a NAS, and now have a shellbox/router/web, mail, and DNS server (with 300 Gigs of storage!) running in less than 1 cubic foot of space. Is it fast? Nope, but it doesn't have to be.
posted by aberrant at 4:38 PM on October 28, 2005
it would not be a dumb idea to, as aberrant says, put NetBSD or maybe even OpenBSD on it and learn basics. there is/was a MIPS port of Linux too that you may want to hunt down. you can definitely not continue to use the OS as you don't know that the people who got in haven't replaced any of your programs with ones with hidden backdoors. however, the problem is that you're going to have to learn a whole bunch of stuff specific to the MIPS platform and possibly suffer with less support (as a lot of people code for x86 and porting sometimes introduces odd bugs). however, for just learning, say, how to manage a (L)AMP server or basics of BIND/sendmail it'd be great *once* you bomb it.
posted by mrg at 5:03 PM on October 28, 2005
posted by mrg at 5:03 PM on October 28, 2005
I like the idea of repurposing it, but this was really a toe dip into the world of more complex administration. I am not sure how I would control the box without the web interface.
I am thinking I can do what I need to with a Mac mini, which is not what I wanted, but is less likely to gunk up innocent people's e-mail.
posted by thirteen at 11:34 PM on October 28, 2005
I am thinking I can do what I need to with a Mac mini, which is not what I wanted, but is less likely to gunk up innocent people's e-mail.
posted by thirteen at 11:34 PM on October 28, 2005
This thread is closed to new comments.
I refuse to say anything else as I don't want to relive the nightmares associated with supporting dozens of those and I don't want to sting...
posted by togdon at 12:09 PM on October 28, 2005