<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.0.9">
</HEAD>
<BODY>
On Tue, 2003-12-30 at 21:28, Jon Carnes wrote:<BR>
<BR>
We are installing some additional NICs, but do intend to use the onboard 2 just as well. We have several networks, and will need as many interfaces as we can reasonably get. I expect to look at 2 or 4 port cards. I know that the 2 port Compaq 10/100 64Bit can be expanded to 4 ports, and works just fine with RH.<BR>
<BR>
This system won't be used for network monitoring, but opennms may have some features that the security folks can take advantage of. I'll be sure to check it out and see what I find.<BR>
<BR>
<BR>
I did a quick test this afternoon, took one of these systems that I have for another project and started the Fedora Core installation, it saw the disk on the array, as well as the 2 onboard 10/100/1000 cards. That's hopeful. I don't think that, for this, they want to spend the dough for RHEL, but if there are significant support issues for current hardware they may. I expect that Fedora Core 1, or RH9 will be the flavor we run with.<BR>
<BR>
This system may be overkill for just scans, but the nessus-web stuff takes MySQL, and apache, so it can store results from multple scans, and do deltas over time on one system. Pretty cool. Besides, our lower horsepower "standard model" is only a 1U system with 2 drive bays, and 2 PCI slots, I really wanted more of both. The security folks don't have a problem with the cost, who am I to argue? ;')<BR>
<BR>
<BR>
<BR>
Kevin<BR>
<BR>
<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE><FONT COLOR="#737373"><I>Fortunately he's going to put his own NIC's in the box, so as long as he
sticks to main brands, he should be fine and can even ignore the
built-in NIC.
All in all the system is a bit of an overkill for just simple security
scans. If you're beefing this up with some RAM then you might want to
run OpenNMS on the beast.. OpenNMS incorporates Nessus into its
scanning, but gives you a more complete view of your network than just
the Nessus scans.
OpenNMS is an effort to build a fully distributed network management
platform providing both enterprise and element management capabilities,
using Java 2, XML/XSL and other open source projects/tools such as
RRDTool, Nessus, Tomcat, and PostgreSQL.
Nessus described (for those needing the clue stick):
</FONT><A HREF="http://www.linuxsecurity.com/feature_stories/nessusintro-part1.html"><U>http://www.linuxsecurity.com/feature_stories/nessusintro-part1.html</U></A>
<FONT COLOR="#737373">
OpenNMS clue stick:
</FONT><A HREF="http://www.opennms.org/"><U>http://www.opennms.org/</U></A>
<FONT COLOR="#737373">
I use OpenNMS for my network monitoring (and I love it!). Also, the
good folks that built and maintain it are members of TriLUG and have
sponsored a few meetings. :-)
PHB plus - there is also "Enterprise" level support for OpenNMS. So
your PHB can actually pay for support, if he is so inclined (or he can
make *you* do the support).
Take care - Jon Carnes
On Tue, 2003-12-30 at 20:15, Jason Tower wrote:
> i've installed RHAS 2.1 on that exact hardware, the only thing that
> required any extra effort was installing nic drivers (you have to d/l
> and build a src rpm, no big deal). there are also a whole bunch of
> drivers and utilities (all rpms) for snmp hardware monitoring and
> whatnot (fans, mass storage, raid controllers, cpu temp, nics, etc).
> the catch is that some of them are tied to a specific RH kernel, so if
> don't upgrade the kernel without doing your homework. and DEFINITELY
> don't upgrade the kernel remotely or else the nic driver will fail and
> you'll be up the creek.
>
> jason
> </I></FONT></PRE>
</BLOCKQUOTE>
<BR>
<PRE><TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<PRE>--
+-------------------------------------------------------+
Don't worry about people stealing your ideas. If your ideas are any
good, you'll have to ram them down people's throats.
Howard Aiken</PRE>
</TD>
</TR>
</TABLE>
</PRE>
</BODY>
</HTML>