?

Log in

No account? Create an account
Tinkering, FF Sparks (Madgirl)

[Random] Finances

Tallied up my finances at a finer grain of detail today. Broke things down by category (Utilities, Loans, Auto, Horse-Related, etc.) Cost of running Noderunner (Nausicaa.net, Westeros.org, etc.), after accounting for donations: $649.90 in the past 4 months.

At first, that made me go 'gulp' and wince. But on the other hand, Noderunner's hosted at a colocation center with 24/7 tech support, a really good pipe, and 2 terabytes of bandwidth allowed per month. ThePlanet really is cheaper for the quality I get than most places. And $170 in donations across four months is not too bad.

Still, I start to think that maybe when I finish my spare-time coding project (MU* client for Mac OS X), I should make it shareware instead of freeware, and defray some of Noderunner's costs! (Mental note: look into shareware license libraries and online purchase stuff.)

 $804.00 = Hosting charges (backup services, etc.)
+$ 15.90 = NNTP subscription (for news.noderunner.net)
-$170.00 = Donations from Noderunner users
----------
 $649.90 = Total cost

Comments

Re: Yay for root access!

No, my hosting company specializes in this sort of thing. You aren't buying space on a box, you're literally buying a box and they host it for you. :)

If you want managed services, though, you need to make sure the technicians know your root password. (As part of managed services, they'll handle all security patches, OS upgrades and so on for you.)

Server Matrix are good folks. They've certainly done right by Noderunner. :)

Re: Yay for root access!

So each of your boxes must be completely self-contained and firewalled, so that your root password doesn't give you access to boxes belonging to Server Matrix's other customers.

That must be an interesting setup, from an networking security viewpoint. I'm guessing that the Server Matrix folks are earning their money.

Re: Yay for root access!

I'll just go the quick route and say that they have the most complicated TippingPoint security setup I've ever encountered, bar none. :)

Re: Yay for root access!

Though, that said, having root on one box in the data center does not necessarily give you access to any other. The main vulnerabilities in such a case would be having the ability to eavesdrop on Ethernet traffic (and sniff passwords) by putting the card in promiscuous mode, or to slip around firewall rules by being on the same subnet.

Their network setup would prevent someone from eavesdropping on Ethernet traffic to nearby boxes (which is pretty standard at any colocation place worth its salt), and their intrusion detection stuff functions not just between the data center and the outside world, but regards every other box in a given center as 'the outside world' from each other for security purposes. (That last part being the 'most complex' part I mentioned one post above.)

Re: Yay for root access!

That reminds me of the network security at the place where I work. We use an industrial-strength firewall/router system to implement several distinct security zones, including a secure internal wireless network, an "insecure" wireless network for visitors' laptops, several major public web sites, internal development versions of those same web sites, and even a bunch of public-access (though I think read-only) MySQL database servers.

When I work from home, I first have to login to an ssh gateway with one password, then it makes a bridging ssh connection to the actual internal machine I need to use, and I have to give my "real" password to login to that machine.

Happily, the gateway machine also takes care of port-forwarding and ssh tunnelling, so I can use X11 and even my organisation's web proxy via an ssh login session, which is handy, because that gives me access from home to a bunch of paid-for scientific web resources that aren't available to the world at large :-)