TrentMB
October 27th, 2009, 11:27 PM
Ok this may sound convoluted and I am not sure if people have tried this before so bear with me.
I am in the process of building a server with some spare parts I obtained and was wondering about how to quarantine files.
I right now have three 18.2GB scsi drives and a Card.
I want to make 1 by itself as the system drive and application drive
The other 2 I want to software raid 1 as the web server content (svn server etc).
Down the road I would like to buy a 1TB drive so the server can also be used for local backups similar to freenas, however I want this drive/partition to be near impossible if not impossible to access from the outside world, is this possible and how would I do this?
Is it possible to limit viewers based on ip address so they have to be in my local network in a certain range to view it and also login.
If I installed freenas on vmware server and ran a virtual harddrive in there would that work (does free NAS inherently block the outside world or is there a way to block it?)
Effectively I want the most fool proof way to quarantine a hard drive partition so it can only be locally accessed (Anything I want remote access on will be on the scsi drives (or another partition on the 1TB) I would like it quarantined to the point that even if I or a hacker SSHed from the neighbors house I could not access the files unless I tunneled through a vpn through another computer or similar.
Please throw out ideas.
Thanks,
Trent
Edit - So far I am thinking 4096 bit SSH key as one deterrent as I only have to use one client computer and it will only be connecting to one host, to keep the SSH safe from external threats. Though it will be a pain.
I am in the process of building a server with some spare parts I obtained and was wondering about how to quarantine files.
I right now have three 18.2GB scsi drives and a Card.
I want to make 1 by itself as the system drive and application drive
The other 2 I want to software raid 1 as the web server content (svn server etc).
Down the road I would like to buy a 1TB drive so the server can also be used for local backups similar to freenas, however I want this drive/partition to be near impossible if not impossible to access from the outside world, is this possible and how would I do this?
Is it possible to limit viewers based on ip address so they have to be in my local network in a certain range to view it and also login.
If I installed freenas on vmware server and ran a virtual harddrive in there would that work (does free NAS inherently block the outside world or is there a way to block it?)
Effectively I want the most fool proof way to quarantine a hard drive partition so it can only be locally accessed (Anything I want remote access on will be on the scsi drives (or another partition on the 1TB) I would like it quarantined to the point that even if I or a hacker SSHed from the neighbors house I could not access the files unless I tunneled through a vpn through another computer or similar.
Please throw out ideas.
Thanks,
Trent
Edit - So far I am thinking 4096 bit SSH key as one deterrent as I only have to use one client computer and it will only be connecting to one host, to keep the SSH safe from external threats. Though it will be a pain.