My computer is a fanless Celeron in the living room and I can hear the HDD when I’m in the bed at 2am in the complete silence. If you’re concerned with noise you need to find another position, far from the bed
I can't speak to what you're looking for specifically, however I can give you an idea of the level and type of noise you could expect.
With a local server I built with 3 standard 8TB HDDs, the "noisiest" part of the whole computer is the fans itself - it's very quiet compared to say, a fanned air purifier on full or maybe even half power. I've never actually heard my hard drives from any of the computers I've built in the last 6-8 years, and I'm usually right by them. If I listen very closely I may hear some ticking/spinning if they happen to be ramped up.
So under load, there may be a chance of hearing some of the spinning disks in a quiet room, however I haven't actively heard an HDD since 2012 - though the size you're going for could be different as you mentioned. I can't speak for the 18tb sizes. As for the smaller external HDD's, I have 3 6TB ones running in tandem and it's pretty much the same, I've heard them ramp up slightly but it's nearly silent even under load it's more of a gentle hum. If there were any noise sources like music it would be unnoticeable. But again, the size may play a factor.
You mentioned it's right by your bed but would your active hours align with the backups? I.e. if you run them overnight from 2a to 8a, you'd already be asleep for the backup. If it's noise that prevents you from sleeping that may help.
22.04 still isn’t FIPS validated yet, so if you need FIPS with Ubuntu pro, the most recent LTS distro you can get is 20.04. That’s why 20.04 is still popular.
I worked at a place which was still using a 20.04 version (for products they were selling) because updating it would require spending any amount of time updating software. Path of least resistance is using the old os forever.
10 years ago I was working at a place that still used an Apple ][e
It controlled a ROM burner that was vital to the manufacturing process. In a back room was a stack of backup ][e s just in case the production one should ever fail. In the years I worked there it never did.
I once downloaded a really old (like 10 years old) ubuntu iso, because I had an app in deb format made for that version, that needed older libraries to run. Perhaps, there were other ways to run it, but running the older iso in a vm worked fine.
I don't know about now, but my first Linux OS was Ubuntu and I appreciated the long support because of this. That was in the dial up days, tho, I can't imagine why anyone would require that now ☠️
20.04 and 22.04 were LTS versions, aka, long term support.
Any application that requires stability should run on LTS versions. Combined with Ubuntu being one of the most popular distros, makes 20.04 and 22.04 the most popular choices for anything in a home lab and many smaller business needs.
Whether you’re building a server for home DNS, or a time server for a small business, then you’re probably using Ubuntu as the base.
I think the next LTS version will be 24.04, so things might shift sometime after that.
Systemd haters? But seriously, this could well be because of business environments where applications require specific OS versions to keep being supported by the vendor. Or better: where the orchestration tool cannot be updated because of the old OSs while said OSs cannot be updated because it will break orchestration.
This is why people love containers: you can run insecure software on insecure OS (component)s while pretending to be in control on your shiny Kubernetes cluster.
I can give you an answer from someone who regularly downloads really old EOL versions of Ubuntu and Debian. I personally use them as part of attack and defense competitions. They are normally very close to unusable and are nearly impossible to update to a more recent or secure version. This forces my team to find creative ways to keep them working while also taking measures to isolate them as much as possible. I also use them to teach old exploits that have been patched in more recent versions, walking people through how it worked and why it existed.
It happens a lot more with Windows machines, but there might be some manufacturing systems out there that require software that won’t run on modern versions of the OS. These systems often require new manufacturing tools in order to upgrade, or they need massive overhauls that smaller companies can’t always afford.
This forces my team to find creative ways to keep them working while also taking measures to isolate them as much as possible. I also use them to teach old exploits that have been patched in more recent versions, walking people through how it worked and why it existed.
I am interested in learning more about this. I know a fair bit about networks but exploit history and modern attack / defense strategies and server hardening are not my main specialty. Do you have any good links or resources that you can share?
Ok so to be clear when I said team I mean a bunch of college students preparing for different ctfs, but these are some of the more helpful resources we have found:
Tryhackme: personal favorite especially for beginners Hackthebox: great for learning/practicing attacks Overthewire: another good ctf site
We try to build many of our own ctf like machines, then each person switches their machine with another person and the other person tries to secure the vulnerabilities without knowing anything about the machine. Once everyone has secured their machines we try to attack them using the notes made while setting them up. This is our step by step for that process.
download an old version of a distro. (Ubuntu 14, deb 9, ect)
install and setup the VM without any updates or changes to the default configuration
google the distro version (Ubuntu 14.04) + vulnerabilities or exploits
read through the different sites to find applications that had huge security issues on that version and begin installing some of the programs that have known exploits
So for example with Ubuntu 14.04 we know there are some Linux kernel exploits.
From here I could add some of the packages mentioned as having exploits and then attempt to exploit them. I could also check newer versions of Ubuntu like 16 to find vulnerabilities that would also apply to older versions.
There is also Mitre’s list(s) of the most dangerous software vulnerabilities. They have one for 2023, but also a catalog of lists from previous years.
datahoarder
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.