On Fri, 2003-10-31 at 10:24, David Gomillion wrote: > I can understand the size concerns for putting it in an appliance or > what-not. However, my opinion is that, due to the low cost of hard disk > space, it is cheaper for the company to go out and buy another hard disk > to replace the extra 500 MB they wasted on a sub-optimal installation > than to pay me to try to get the installation as small as possible. > > What are the benefits to a really tiny installation, aside from possible > appliance applications? Moreover, won't you still need a sizable hard > disk for voice prompts, voicemail messages, sound file to direct people > to dial the correct extension, etc?
The benefit of getting a appliance like asterisk system together is the level of security you would have on the box. If you don't have gcc or the other tools like that on the machine, it won't be too interesting to a script kiddie if they make it on. If they can't make a root kit on your machine, then worst case is they get pissed and try and deface the system. Of course if you have properly secured the system, like making the main FS read only, then all they could do maybe is muck with your voicemail you didn't get sent off via mail before they screwed with the thing. Spending time securing a machine is much more valuable than having your phones knocked over by a script kiddie. So the benefit here is if you could get your voicemail storage to be stored somehow off machine, then you could easily get this to boot of a CD and then you have minimal system that could worst case be brought back up after the hitting of the reset button. Think about that also when someone has to be put oncall to do computer work through the dead hours. If you could just say hit the reset button on all problems, you wouldn't get called in the middle of the night. While I haven't intentionally built minimum installs for asterisk yet, I have already done what I can to make the OS and asterisk self recover from some faults, and the rest are cured with a reset button press. This keeps me from having to go on site for something hungup. Everyone should spend some time around paranoid *nix admins to just learn what to be looking out for. I don't subscribe to all of their beliefs, but if you aren't educated in what the extremes are, then you don't adequately know where you should be. Most people know that RH is just the vasoline of the net, and then you learn to secure away till only the bare basics are stock from RH. -- Steven Critchfield <[EMAIL PROTECTED]> _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users
