Re: network appliance...

[ptaylor () MARTNET COM (Paul Taylor)]

The kernel is a stripped down unix type kernel. It has no compiler, no real
shell (like /bin/sh), nor any utils like vi or anything like that. It does (or
did, I haven't configured one for a while) come from the factory with a crappy
security configuration, such as:

/ -anon=0

in /etc/exports. It runs its own implementation of CIFS, and it uses NFS, and
you can run an http server off of it, none of which I have seen any problems
with, except for not being locked down out of the factory.

They are pretty dependable, and quick for what they do. The read speed is good,
but the write speed sucks. I was running an F630 and an F760, and the only
problem I had with it was an infant mortality on the system board of the F630
the first week we got it.

YMMV.

Paul

> On Mon, 10 Apr 2000, JT wrote:
>
> > has anyone heard of vulnerabilities in the Network Appliance base operating
systems?
they're the company that makes large filer head systems and my company is
considering
buying one. the operating system is unix or unix based but an nmap scan on
known open
ports in demonstration showed absolutely nothing - no operating systems id
either. i was
curious as to whether this is really as safe as it seems...
> >
>
> If I remember correctlly, the configuration interface of these devices
> closelly resembles the UN*X standard, this does *not* however imply that
> they use a UN*X-like operating system or kernel......
>
> If indeed their code (kernel, OS, call it what you like) is UN*X-like it
> would probably be more or less completely developed in-house.
>
> At least, I havn't seen any of the usual "advertising clause" messages....
>
> /olle