Haggis Veteran Posted January 18, 2015

will this fit in the N54L? thinking the physical size

http://www.amazon.co.uk/1000-Dual-Server-Adapter-PCI-X/dp/B00RGYQ15G/ref=sr_1_1?s=computers&ie=UTF8&qid=1421581247&sr=1-1&keywords=intel+dual+gigabit

+BudMan MVC Posted January 18, 2015

Well it says low profile -- but that is a 64 bit 3.3/5 volt card, you can tell by the number and position of slots.

I am not sure a full 64 bit card will fit??

Haggis Veteran Posted January 18, 2015

i found another one that the guy bought one for an N40 so assuming it will fit

i got a HP NC360T PCI Express Dual Port Gigabit Adaptor

+BudMan MVC Posted January 18, 2015

The nc360T is the dual I have.. Just make sure it comes with the low profile bracket or you have to mod the full sized bracket or buy a low profile bracket.

Haggis Veteran Posted January 18, 2015

yup it has low profile on it

+BudMan MVC Posted January 19, 2015

dude you will be rockin

Man I want to get that quad for mine so I can lagg couple interfaces - but my current pc doesn't have the slots to put in a dual nic so I could take advantage -- gig is starting to become a bottleneck.. 10ge is just too expensive for the home currently. So lagging a couple together to get 2 seems like most cost effective way..

Hmmm I don't really need that AC wireless card - maybe I should sell that and get new card for my PC... Maybe I should get a new PC... hehehe

All this playing around gets me wanting to play.. Would really like to hit 200MBps transfer between my server and PC. Not going to do that with only a gig between them..

Haggis Veteran Posted January 19, 2015

lol i will be happy just getting this to work

My sister bought this card for me for my birthday (which is not until 15th feb) so have a bit of a wait

Haggis Veteran Posted January 22, 2015

ok here is a question for you guys

just now i have default firewalls on my laptop and no firewalls on the plex VM and arch VM within ESXi

There is a firewall on my router though so have never seen the point in software firewalls

Now when i start to use pfsense it will become my firewall so again i see no point in having software firewalls on the VM's

1. would you guys agree with this?

+Fahim S. MVC Posted January 22, 2015

There is a chance you get something nasty on one of your machines (virtual or otherwise), firewalls on your machines help stemming the spread of those nasties to your other machines. If you aren't worried about this, you should only need protection at the edge of your LAN (where it connects to the Internet).

I would be more cautious though - they take up very little additional resource that they are worth keeping on, IMHO.

Haggis Veteran Posted January 22, 2015

yeah see my laptop has the default one which blocks everything unless i allowed it

the VM does not have any at all as i installed a basic install with nothing else but ssh and then added it from there

I need to check them when i get home

it has a firewall on the router just now which then connects to the modem for my fibre

+BudMan MVC Posted January 22, 2015

"help stemming the spread of those nasties to your other machines."

Yeah not so much if you ask me.. What services are these nasties going to be using to spread? Why would these services be running if you're not using them.. So you have services running that your firewall is blocking? Or is it allowing it because it's from the same local lan?

While I agree if you were in a hostile network, the use of a software firewall would be required. So you could let machine Y talk to service on machine X. In such a setup then sure that firewall would prevent machine Z from infecting your machine using service that machine Y is using. But if machine Y gets infected, it could use that service to spread and sorry your firewall not going to do a damn thing to stop the infection.

So normally in a trusted network - machines x and y and z and a, b and C all use services 1 2 and 3 to talk to each other. And you allow this, you set this up.. Why would you be running service 4 if not using service 4. Why would you run service 4 and have firewall block it if nobody is using it?

Let's do another example.. You forward service X to your machine on your edge firewall to machine A.. I have to assume if you want anything outside to use this service that machine A firewall has to allow this traffic. So what good is that machine A firewall doing?

Here is where I see use of software firewalls on host machines. If they are in a network and you set it up that only machine A and B can talk to your service not C or D or Z, etc.. If you setup your firewall to allow your whole network to talk to said service then is pointless because new machine with infection joined said network and can exploit your service that you allowed.

The other great use for it is devices that move networks.. So you home and happy all the machines on your network you trust to use services you have running.. File sharing, etc.. You control these machines - they are secure. You trust them, etc. But now you take your laptop to your buddy's house, or school/work network, etc.. Starbucks.. Do you trust these computers to use your service (that they could exploit to infect you) - hell no, so firewall should block all those connections even though you have those services running because you use them in your home network.

Unless you are going to take the time to fully manage and configure your software firewalls on all your hosts in your network to protect against hostile boxes coming on your network - do hostile boxes even join your network? This is a great reason to isolate your wifi network that guests use.

Then software firewalls on a trusted, secure network are more likely than not just overhead that you manage without much benefit, or suck up resources and hit performance again for little benefit.

Do you run your software firewall in such a manner that it blocks all outbound traffic by all processes unless you have allowed it?? That really must be a pain in the ass to manage.. Why are you running untrusted software in the first place?? Much easier control just not run software you don't trust. So you don't have to configure your firewall every time some application needs to call home to check a license, etc.

Let's say you are blocking all unauthed outbound, so nasty can not call home.. Do you really think that said nastie that is running on your box you executed can not disable or turn or even just create a rule in your "software firewall" ?? Come on..

Haggis Veteran Posted January 22, 2015

My laptop is the only device i take outside the house

It has a firewall, all inbound is blocked unless i specifically allow it, outbound not blocked at all

None of my network is open to the outside

The only systems that have no firewall is my two VM's currently

one is an arch vm which i just had to play about with

the other is plex

Haggis Veteran Posted January 22, 2015

looks like there is a default firewall lol

Nmap scan report for 192.168.0.16
Host is up (0.0053s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
111/tcp   open  rpcbind
2049/tcp  open  nfs
9091/tcp  open  xmltec-xmlmail
10000/tcp open  snet-sensor-mgmt

n_K Posted January 22, 2015

"Hmmm I don't really need that AC wireless card - maybe I should sell that and get new card for my PC... Maybe I should get a new PC... hehehe All this playing around gets me wanting to play.. Would really like to hit 200MBps transfer between my server and PC Not going to do that with only a gig between them.."

Haha I agree, making me want to play around too!

+BudMan MVC Posted January 22, 2015

Yes esxi has a firewall to the vmkern.. What exactly are you scanning? Just because there are limited ports that answer does not mean there is a firewall?? What services are listening??

Haggis Veteran Posted January 23, 2015

not sure will do another scan later

what command should i run on nmap?

+BudMan MVC Posted January 23, 2015

What do you mean what command? So your linux box is only listening on specific ports, be there a firewall or not.. Just because 995 ports come back closed out of the 1k you scanned does not mean there is a firewall.

So here is a clean vm, this is my template for when I need new ubuntu vm.. There is no firewall running.. Only thing listening is ssh. If I scan it with nmap.. what do you think comes back??

So here is my nmap scan

Starting Nmap 6.46 ( http://nmap.org ) at 2015-01-23 06:35 Central Standard Time
Nmap scan report for cleanlinux.local.lan (192.168.1.214)
Host is up (0.00019s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:0C:29:55:E5:5D (VMware)
Nmap done: 1 IP address (1 host up) scanned in 1.04 seconds

Going back to my previous examples - what exactly is the point of a firewall on this box.. The only thing it listens on is ssh.. I need ssh OPEN for me to use it.. So unless I am going to use a firewall to restrict who can access this service the software firewall is pointless.

If did run a firewall on it and locked it down to 192.168.1.0/24 -- how would I access it remotely. I have no idea where I might hit that box remotely from if was my ssh server to the world. I don't know what IP I might use from 192.168.1.0/24 to ssh to it. So if there was a hostile box on my 192.168.1.0/24 network it would be able to try and ssh to it anyway. Be it I was running a firewall or not.. So why run a firewall to suck up resources. It is not open to the public net, and my 192.168.1.0/24 is trusted..

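An added example, not part of any post in this thread: a short Python parser for nmap's normal output that separates "closed" ports (the host answered the probe with a reset, so nothing dropped it) from "filtered" ports (no answer, which is what a dropping firewall produces). The first sample is the scan posted above; the second is constructed for contrast, and the function name `summarize` is this example's own.

```python
import re

# Scan output as posted in this thread for 192.168.0.16.
POSTED_SCAN = """\
Nmap scan report for 192.168.0.16
Host is up (0.0053s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
111/tcp   open  rpcbind
2049/tcp  open  nfs
9091/tcp  open  xmltec-xmlmail
10000/tcp open  snet-sensor-mgmt
"""

# Constructed sample: what a host behind a default-drop packet filter looks like.
FILTERED_SCAN = """\
Nmap scan report for 192.168.0.16
Host is up (0.0053s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
"""

# Matches both "995 closed ports" and the newer "995 closed tcp ports (reset)".
NOT_SHOWN = re.compile(r"^Not shown: (\d+) (\w+)(?: tcp)? ports", re.M)
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)", re.M)

def summarize(scan_text):
    """Count port states and report whether the scan shows any filtering."""
    states = {}
    for count, state in NOT_SHOWN.findall(scan_text):
        states[state] = states.get(state, 0) + int(count)
    open_ports = []
    for port, _proto, state, service in PORT_LINE.findall(scan_text):
        states[state] = states.get(state, 0) + 1
        if state == "open":
            open_ports.append((int(port), service))
    # "closed": the host replied with a TCP RST, there is simply no listener.
    # "filtered" / "open|filtered": the probe got no usable reply.
    filtered = sum(n for s, n in states.items() if "filtered" in s)
    return {"open": open_ports, "closed": states.get("closed", 0),
            "filtered": filtered, "filter_evident": filtered > 0}

if __name__ == "__main__":
    for name, text in (("posted", POSTED_SCAN), ("constructed", FILTERED_SCAN)):
        print(name, summarize(text))
```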
Haggis Veteran Posted February 15, 2015

ok so put the new nic in

plugged cables back in

can't reach the box

will the card have taken over the onboard nic?

Haggis Veteran Posted February 15, 2015

ok ignore that

the card took over the network for esxi lol

so the card works fine so might have a play about with pfsense tomorrow

ok a question

I have a hot swap bay on my server

how do i add the bay to a vm guest in esxi so that i can plug and unplug different drives?

binaryzero Posted February 15, 2015

^ hot swap isn't supported inside a VM.

Haggis Veteran Posted February 15, 2015

Ok thanks

Do I need to add two NICs to the pfsense VM and go from there?

+Fahim S. MVC Posted February 15, 2015

"Ok thanks Do I need to add two NICs to the pfsense VM and go from there?"

Yes but they need to connect to two different port groups

Haggis Veteran Posted February 16, 2015

this is going to be a steep learning curve lol

+Fahim S. MVC Posted February 16, 2015

It's pretty obvious when you get your head around it.

Rather than 2 port groups on the same vSwitch, which I understand is possible, I used two vSwitches (I moved my installation to XenServer, rather than vSphere). The vSwitches are mapped to a physical NIC each.

The WAN facing vSwitch has the WAN facing pfSense NIC on it and nothing else, physically the network port mapped to the same vSwitch connects to your OpenReach modem, and the connection in pfSense is configured as PPPoE (at least it is for my BT connection).

The LAN facing vSwitch has the LAN facing pfSense NIC on it, as well as any other VMs and physically connects to your switch, where your physical devices are connected (including whatever you are using as an access point, if you have/want WiFi).

Try watching this:

Haggis Veteran Posted February 16, 2015

ok i think i can manage that lol

i will attempt tonight