need for a better NAS security model

 Your leaking thatched hut during the restoration of a pre-Enlightenment state.

Hello, my name is Judas Gutenberg and this is my blaag (pronounced as you would the vomit noise "hyroop-bleuach").

[latest article]

Nov | December | Jan
2013 | 2014 | 2015
index of years

links

decay & ruin
Biosphere II
Chernobyl
dead malls
Detroit
Irving housing

got that wrong
Paleofuture.com

appropriate tech
Arduino μcontrollers
Backwoods Home
Fractal antenna

fun social media stuff

Like asecular.com
(nobody does!)

Like my brownhouse:

need for a better NAS security model
Thursday, December 11 2014

Now that I have a good NAS system working on the local network, lots of things that used to be slightly broken are now working in top form. I'm especially pleased with the setup for podcasts. That script I wrote reliably updates a single directory with a copy of all my latest podcasts for me to dig through and either play or copy to an MP3 player, and I no longer have to dig around in all the various directories that the podcasts get copied to by the podcatcher. The Juice podcatcher isn't great, but it's the best available, and even when it hangs it seems to recover eventually, which is all I ask of it. Gretchen now has fast access to all the movies I've downloaded for her to play on the Linux box in the teevee room, and they're available even when my computer (Woodchuck) is asleep. At this point, the main issue remaining is security. I'm a little concerned that someone could come in and make mischief via my WiFi network. I'm way out in the country and would prefer to leave things as open as possible, the way the Oberlin Computer Science Department's VAX 750 was back in 1986 (given the default security settings, one could, if one wanted, simply copy someone else's programming assignment, change the variable names, and submit it as one's own). What I'm saying is that if someone in our neighborhood wants to watch my movies or listen to my music, that's fine with me. But I really need to implement some way to make my shares read-only for all hosts except Woodchuck and perhaps Badger. That's surprisingly hard to do with the stock DD-WRT firmware running on the Buffalo router (Katydid). I looked into implementing a different security model from the one supported by the DD-WRT configuration pages, but that seemed to involve loading additional software onto an ext3 thumbdrive and then a long list of fussy twiddling. It's easy to get overwhelmed by complicated tasks undertaken in a terminal, but I've managed to pull a few of them off. I just need more mental focus than is normally available to me. But perhaps if I really need to procrastinate on some other project, I'll get 'er done.

For linking purposes this article's URL is:
http://asecular.com/blog.php?141211

feedback
previous | next