* Mark Knecht <markkne...@gmail.com> wrote: Hi,
> Since I'm not an IT guy could you please explain this just a bit > more? What is 'a container'? Is it a chroot running on the same > machine? A different machine? Something completely different? http://lxc.sourceforge.net/ http://wiki.openvz.org/Main_Page Unlike VM solutions like kvm, vmware, etc, these (OS-side) container implementations split off the operating system resources (filesystem, network interfaces, process-IDs, ...) into namespaces, so each container only sees its own resources, not those of the host system or other containers. That's essentially what's behind the "virtual private server" solutions offered by various ISPs. > In the OP's case (I believe) he thought a personal machine at home > was compromised. If that's the case then without doubling my > electrical bill (2 computers) how would I implement your containers? He would have several virtual servers running on just one metal. If the host system is not accessible from the outside world, just the virtual servers - an attacker could probably highjack what's inside the virtual servers, but cant get to the host system. cu -- ---------------------------------------------------------------------- Enrico Weigelt, metux IT service -- http://www.metux.de/ phone: +49 36207 519931 email: weig...@metux.de mobile: +49 151 27565287 icq: 210169427 skype: nekrad666 ---------------------------------------------------------------------- Embedded-Linux / Portierung / Opensource-QM / Verteilte Systeme ----------------------------------------------------------------------
