Question regarding server hardware

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Question regarding server hardware

James Huddle
I recently purchased a Dell T-330 server that I had intended to
install OpenBSD on and use as a serious web server.  My goal was to
have more control than would be (naturally) given with, say an AWS VM.
And by control, I mean what is *not* running on the box - security-wise.

Apparently, Dell ships these with an abundance of "security features"
already on the box.  And not a lot of obvious opt-outs.  And a proclivity
not not understand that "no means no" in regard to turning off these
features.
One of which used 60% of (one of 8) processors, all the time.  Constantly
running
one of my processors at 60% - as long as it was powered up.

I understand that there are times when good security requires such measures.
I do.  And if I trusted Dell with 100% of my security needs, I'd be ok if
it phoned
home a lot, or repeatedly powered up my external HD after a total power
down,
etc.

But I am under-educated and over-paranoid, and so I'm hoping that the
people on this list can offer some suggestions of machines that they use
as internet servers.  I'm looking for *more* power and *less* stuff running
in the background when booting from a newly-installed OS (like obsd).
I can and will go with a 10-yr-old desktop model, if that's what it takes to
achieve "radio silence" when I'm not running anything.

Can you tell me what you like to use?
Thank you in advance.
-Jim Huddle
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding server hardware

Stuart Henderson
On 2019-09-07, James Huddle <[hidden email]> wrote:

> I recently purchased a Dell T-330 server that I had intended to
> install OpenBSD on and use as a serious web server.  My goal was to
> have more control than would be (naturally) given with, say an AWS VM.
> And by control, I mean what is *not* running on the box - security-wise.
>
> Apparently, Dell ships these with an abundance of "security features"
> already on the box.  And not a lot of obvious opt-outs.  And a proclivity
> not not understand that "no means no" in regard to turning off these
> features.
> One of which used 60% of (one of 8) processors, all the time.  Constantly
> running
> one of my processors at 60% - as long as it was powered up.

I don't think that is from some hidden "security feature".
Where is the CPU use showing up? Can you send output from "top -Sn",
"vmstat -i" and a complete dmesg?


Reply | Threaded
Open this post in threaded view
|

Re: Question regarding server hardware

James Huddle
On 2019-09-07, James Huddle <[hidden email]> wrote:

>> I recently purchased a Dell T-330 server that I had intended to
>> install OpenBSD on and use as a serious web server.  My goal was to
>> have more control than would be (naturally) given with, say an AWS VM.
>> And by control, I mean what is *not* running on the box - security-wise.
>>
>> Apparently, Dell ships these with an abundance of "security features"
>> already on the box.  And not a lot of obvious opt-outs.  And a proclivity
>> not not understand that "no means no" in regard to turning off these
>> features.
>> One of which used 60% of (one of 8) processors, all the time.  Constantly
>> running
>> one of my processors at 60% - as long as it was powered up.

>I don't think that is from some hidden "security feature".
>Where is the CPU use showing up? Can you send output from "top -Sn",
>"vmstat -i" and a complete dmesg?

Is there something I could do (like top) to discover why my external HD
turns itself on every 5 seconds after powering down the main box?

-Jim

On Tue, Sep 10, 2019 at 8:47 AM Stuart Henderson <[hidden email]>
wrote:

> On 2019-09-07, James Huddle <[hidden email]> wrote:
> > I recently purchased a Dell T-330 server that I had intended to
> > install OpenBSD on and use as a serious web server.  My goal was to
> > have more control than would be (naturally) given with, say an AWS VM.
> > And by control, I mean what is *not* running on the box - security-wise.
> >
> > Apparently, Dell ships these with an abundance of "security features"
> > already on the box.  And not a lot of obvious opt-outs.  And a proclivity
> > not not understand that "no means no" in regard to turning off these
> > features.
> > One of which used 60% of (one of 8) processors, all the time.  Constantly
> > running
> > one of my processors at 60% - as long as it was powered up.
>
> I don't think that is from some hidden "security feature".
> Where is the CPU use showing up? Can you send output from "top -Sn",
> "vmstat -i" and a complete dmesg?
>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding server hardware

Anatoli
In reply to this post by James Huddle
As to the initial question, I'd suggest Supermicro with the new AMD EPYC
Rome CPUs (I should receive them in november-december when NVMe-native
models are ready). Much better than Intel+Dell, though still proprietary.

If you are ok with something more exotic but more open and in server
class, you have Talos II from Raptor Computing:
https://secure.raptorcs.com/content/base/products.html, but to run
OpenBSD on it ppc64 arch support would be needed.

Some 2 years ago I was thinking about buying a Talos II Entry-Level
Developer System and sending it to some dev to get the support, but then
I learned about RISC-V (though it's not in the server class even in
mid-term plans).

On 7/9/19 17:30, James Huddle wrote:

> I recently purchased a Dell T-330 server that I had intended to
> install OpenBSD on and use as a serious web server.  My goal was to
> have more control than would be (naturally) given with, say an AWS VM.
> And by control, I mean what is *not* running on the box - security-wise.
>
> Apparently, Dell ships these with an abundance of "security features"
> already on the box.  And not a lot of obvious opt-outs.  And a proclivity
> not not understand that "no means no" in regard to turning off these
> features.
> One of which used 60% of (one of 8) processors, all the time.  Constantly
> running
> one of my processors at 60% - as long as it was powered up.
>
> I understand that there are times when good security requires such measures.
> I do.  And if I trusted Dell with 100% of my security needs, I'd be ok if
> it phoned
> home a lot, or repeatedly powered up my external HD after a total power
> down,
> etc.
>
> But I am under-educated and over-paranoid, and so I'm hoping that the
> people on this list can offer some suggestions of machines that they use
> as internet servers.  I'm looking for *more* power and *less* stuff running
> in the background when booting from a newly-installed OS (like obsd).
> I can and will go with a 10-yr-old desktop model, if that's what it takes to
> achieve "radio silence" when I'm not running anything.
>
> Can you tell me what you like to use?
> Thank you in advance.
> -Jim Huddle
>