unRAID for a public environment

more specifically, a lan party, where you want the main configuration secure, shares accessible etc.

i have a root password so the web gui shoul dbe ok for now, i only export the samba shares as read only.

there are a few mor ethings though.

configuration of vsftpd, is it possible to share the user share with vsftpd? also there seems to be issues with files not showing up in disk shares.

does anyone have a way of securing unMENU, i asked in the unMENU thread to no avail. for now all i can think of is to not run it from the go script at lan events.

anything els ei should think of/know of?

more specifically, a lan party, where you want the main configuration secure, shares accessible etc.

i have a root password so the web gui shoul dbe ok for now, i only export the samba shares as read only.

there are a few mor ethings though.

configuration of vsftpd, is it possible to share the user share with vsftpd? also there seems to be issues with files not showing up in disk shares.

does anyone have a way of securing unMENU, i asked in the unMENU thread to no avail. for now all i can think of is to not run it from the go script at lan events.

anything els ei should think of/know of?

I thought I had answered you in that thread.  unMENU is a web-server written in awk.  It has no built-in security, other than being on a non-standard port.  Just kill it during your LAN Party.  It will never have security built in.

 

If you wish to run it anyways, use the unRAID-Web package and learn how to secure it, and don't run the unraid.awk server.  Since unRaid-Web is based on lighttpd, security can be enabled and configured.

 

Be aware that unRAID is insecure in several other ways as there are logins without passwords.  Try logging in as "shutdown" and see what happens.  (Be prepared for a full parity check when you power back on, cause it is not a graceful shutdown, but a non-clean one)

 

Joe L.

ok, i guess ill just do it the long winded way by connecting it to my pc only and sharing from that. i mustve missed teh post in the unmneu thread sorry, read through it but didnt see a reply.

 

i dont really have time to learn much. as long as it sorta works shoul dbe ok.

 

now i just gotta work out why the speed drops to about 2MB/sec for no reason, then goes back to full speed, the drops, then repeats etc with eeach slow/fast speed phase going for a few minutes to a few hours each. log was clean, guess ill try a differnet network card (nternal disk speeds are still 110+ when the speed drop happens.

I'm in a similar boat as I plan to take my box to a few LAN parties as well, my thoughts were to simply to "secure" it as follows:

 

1) disable the telnet interface by killing the process (removing the inetd entry)

2) disable unMenu by not running it

ok, i guess ill just do it the long winded way by connecting it to my pc only and sharing from that. i mustve missed teh post in the unmneu thread sorry, read through it but didnt see a reply.

 

i dont really have time to learn much. as long as it sorta works shoul dbe ok.

 

now i just gotta work out why the speed drops to about 2MB/sec for no reason, then goes back to full speed, the drops, then repeats etc with eeach slow/fast speed phase going for a few minutes to a few hours each. log was clean, guess ill try a differnet network card (nternal disk speeds are still 110+ when the speed drop happens.

That sounds like noise on your LAN.  Could be anything causing it... a bad cable, a spambot sending mass e-mail, your neighbor's microwave oven or cordless phone, anything.

I doubt this will answer the security problem but it might help.  Make a separate set of shares for unraid.  It's just a file.  One with all yours in it.  One with just a few that you can use when at the lan party.  That way you don't have to secure yours, just don't show them.  If you hide the drive level shares they they only can get to what you are willing to expose.