Thread: I'm back :-)
View Single Post
  #5   (View Single Post)  
Old 21st December 2009
There0 There0 is offline
Join Date: Jul 2008
Posts: 170

Remember that / also includes /home and /etc if you do not seperate them, I tried partitioning /etc and it errored like mad, I did not follow up on a solution i just kept it under /.

This is my partition scheme on my main firewall (no users login, or else i would have a seperate /home partition as well, VERY good idea security wise, so users/apps/files can't fill up your / partition and bomb your install or worse)

user@server[~]$ df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/wd0a     19.7G    344M   18.4G     2%    /
/dev/wd0f      1.2G   26.0K    1.1G     0%    /tmp
/dev/wd0d      4.9G    584M    4.1G    12%    /usr
/dev/wd0e      9.9G    952M    8.4G    10%    /var
user@server[~]$ more /etc/fstab
/dev/wd0a / ffs rw,softdep,noatime 1 1
/dev/wd0f /tmp ffs rw,nodev,nosuid,softdep,noatime,noexec 1 2
/dev/wd0d /usr ffs rw,nodev,softdep,noatime 1 2
/dev/wd0e /var ffs rw,nodev,nosuid,softdep,noatime,noexec 1 2
installed packages include (firewall with snort and some monitoring tools and nessus)
user@server[~]$ pkg_info
aide-0.13.1         Advanced Intrusion Detection Environment
bwm-ng-0.6          realtime bandwidth monitoring of interfaces
gettext-0.17p0      GNU gettext
hydra-5.4           parallelized login hacker
libdnet-1.10p3      portable low-level networking library
libiconv-1.13       character set conversion library
libnasl-2.2.9p0     Nessus Attack Scripting Language
lua-5.1.4p0         powerful, light-weight programming language
lzo-1.08p1          portable speedy lossless data compression library
nessus-core-2.2.9p4-no_x11 network security scanner
nessus-libraries-2.2.9p0 libraries for Nessus
nessus-plugins-2.2.9p0 plugins for Nessus
nikto-2.03          Web and CGI vulnerability scanner with SSL support
nmap-4.76           scan ports and fingerprint stack of network hosts
ntop-1.1            network usage, interface similar to top(1)
oinkmaster-2.0      update your Snort rules
openvpn-2.1rc15p2   easy-to-use, robust, and highly configurable VPN
openvpn_bsdauth-4p0 BSD Auth helper program for OpenVPN
p5-Net-SSLeay-1.35p0 perl module for using OpenSSL
pcre-7.9            perl-compatible regular expression library
pftop-0.7p3         curses-based real time state and rule display for pf
portsentry-1.2      port scan detection and active defense
screen-4.0.3p1      multi-screen window manager
snort-       highly flexible sniffer/NIDS
trafshow-3.1        full screen visualization of network traffic
wget-1.11.4         retrieve files from the web via HTTP, HTTPS and FTP
I am curious of you have tried just ONE big partition and a swap file? it may help get booted up and haxxing out the "errors" or otherwise.
The more you learn, the more you realize how little you know ....

Last edited by J65nko; 21st December 2009 at 09:14 PM. Reason: Code tags added
Reply With Quote