From my understanding, the impetus was that F5 submitted a CVE for a vulnerability, for an optional, “beta” feature that can be enabled. Dounin did not think a CVE should be submitted, since he did not consider it to be a “production” feature.
That said, the vulnerability is in shipping code, regardless of whether it is optional or not, so per industry coding practices, it should either be patched or removed entirely in order to resolve the issue.
TrueNAS has an OpenVPN plugin available, which is typically the recommended option.
You are trying to solve two different, but related problems, and there are discrete solutions for both.
One is a personal cloud. You need a secure place to store your shit from multiple users and devices, from multiple networks. You’ll need a mostly static IP and dyndns or your own domain, and certificates signed by a public CA/Let’s Encrypt.
Then, you are looking for a backup application that supports rsync or sftp/scp over ssh or vpn, that is also cross compatible (Android and PC/Linux). Point this to the service above, and you are good to go.
This.
At some point, you need to be able to quantify the risk to your business before you can do this.
For instance, if your business earns $10 per transaction, and you perform 100 transactions per second, the difference between five and six nines (313 seconds vs 31 seconds) is $282,000; nowhere near enough to justify the added investment.
Edit: Important to note that for the first example, these are already enormously huge numbers. Such a business, assuming no holidays or weekends, would be grossing $31.5 billion per year, in the same ballpark as Oracle and Coca-Cola.
So when we say the company is losing 282,000, this is a tiny, tiny fraction of revenue. Even 99.5%, which is almost two days of downtime, would “only” be a loss of 0.5% of all revenue for the year. Sure, this is $157M, but even that would probably not cover the cost of a six nines infrastructure (that said, they could save up to $120M per year by achieving 99.9%, which would be worth exploring).
It itself is not FOSS, but Network Chuck just had a decent video on setting up ThinLinc for his editing team. I believe it is free for ten or fewer users. There is an admin function that allows you to observe what another user is doing (session shadowing).
https://m.youtube.com/watch?v=qdo5lMR1lX4
In general, for native FOSS, I’m pretty sure you can specify the screen port in VNC, and connect multiple users to the same port, but you’d have to double check the configuration file. Can likely also be done with XRDP.