Thread: I'm back :-)
View Single Post
  #5   (View Single Post)  
Old 21st December 2009
There0 There0 is offline
./dev/null
 
Join Date: Jul 2008
Posts: 170
Default

Remember that / also includes /home and /etc if you do not seperate them, I tried partitioning /etc and it errored like mad, I did not follow up on a solution i just kept it under /.

This is my partition scheme on my main firewall (no users login, or else i would have a seperate /home partition as well, VERY good idea security wise, so users/apps/files can't fill up your / partition and bomb your install or worse)

Code:
user@server[~]$ df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/wd0a     19.7G    344M   18.4G     2%    /
/dev/wd0f      1.2G   26.0K    1.1G     0%    /tmp
/dev/wd0d      4.9G    584M    4.1G    12%    /usr
/dev/wd0e      9.9G    952M    8.4G    10%    /var
Code:
/etc/fstab
user@server[~]$ more /etc/fstab
/dev/wd0a / ffs rw,softdep,noatime 1 1
/dev/wd0f /tmp ffs rw,nodev,nosuid,softdep,noatime,noexec 1 2
/dev/wd0d /usr ffs rw,nodev,softdep,noatime 1 2
/dev/wd0e /var ffs rw,nodev,nosuid,softdep,noatime,noexec 1 2
installed packages include (firewall with snort and some monitoring tools and nessus)
Code:
user@server[~]$ pkg_info
aide-0.13.1         Advanced Intrusion Detection Environment
bwm-ng-0.6          realtime bandwidth monitoring of interfaces
gettext-0.17p0      GNU gettext
hydra-5.4           parallelized login hacker
libdnet-1.10p3      portable low-level networking library
libiconv-1.13       character set conversion library
libnasl-2.2.9p0     Nessus Attack Scripting Language
lua-5.1.4p0         powerful, light-weight programming language
lzo-1.08p1          portable speedy lossless data compression library
nessus-core-2.2.9p4-no_x11 network security scanner
nessus-libraries-2.2.9p0 libraries for Nessus
nessus-plugins-2.2.9p0 plugins for Nessus
nikto-2.03          Web and CGI vulnerability scanner with SSL support
nmap-4.76           scan ports and fingerprint stack of network hosts
ntop-1.1            network usage, interface similar to top(1)
oinkmaster-2.0      update your Snort rules
openvpn-2.1rc15p2   easy-to-use, robust, and highly configurable VPN
openvpn_bsdauth-4p0 BSD Auth helper program for OpenVPN
p5-Net-SSLeay-1.35p0 perl module for using OpenSSL
pcre-7.9            perl-compatible regular expression library
pftop-0.7p3         curses-based real time state and rule display for pf
portsentry-1.2      port scan detection and active defense
screen-4.0.3p1      multi-screen window manager
snort-2.8.3.2       highly flexible sniffer/NIDS
trafshow-3.1        full screen visualization of network traffic
wget-1.11.4         retrieve files from the web via HTTP, HTTPS and FTP
I am curious of you have tried just ONE big partition and a swap file? it may help get booted up and haxxing out the "errors" or otherwise.
__________________
The more you learn, the more you realize how little you know ....

Last edited by J65nko; 21st December 2009 at 09:14 PM. Reason: Code tags added
Reply With Quote