Professional Web Applications Themes

Network File serving options - SCO

My company has a POS system that we are updating. Currently, we have two Openserver machines acting as cash registers and one machine that interfaces to our gas pumps and our corporate office via dialup. The machines are a mix of 5.0.5 and 5.0.6. Right now the machines are basically stand alone in regards to the transaction and price files. We are want to make our gas interface machine a file server (it doesn't have nearly as much activity as the registers). Basically we want the registers to write all transaction information to the file server and get all pricing ...

  1. #1

    Default Network File serving options

    My company has a POS system that we are updating. Currently, we have two
    Openserver machines acting as cash registers and one machine that interfaces
    to our gas pumps and our corporate office via dialup. The machines are a
    mix of 5.0.5 and 5.0.6.

    Right now the machines are basically stand alone in regards to the
    transaction and price files. We are want to make our gas interface machine
    a file server (it doesn't have nearly as much activity as the registers).
    Basically we want the registers to write all transaction information to the
    file server and get all pricing information off of the file server. I know
    how to do this with NFS, but I am wondering if the are some other better
    options. For example, is there something with less overhead, more
    reliability, etc, or is NFS the perfect way to go?

    Security is not a big issue. The only outside access to the system is via
    dial up and the number is not published anywhere. Also, the only access the
    user's have to our system inside the store is with a touch screen. The only
    other input devices available are the UPC scanner or credit card/check
    reader.

    The network is a 10mb/s network. I would like to avoid replacing the
    network hardware if possible. With only two clients, it shouldn't be very
    busy, plus none of our store layouts would allow anymore registers, save one
    that would allow 4. If that changed, it would be a new installation with
    new hardware.

    BTW, there will be built in fail safe measures to write locally if the
    network failed for some reason.

    Any ideas, comments, or concerns, not related to porting to linux because
    "SCO s" would be greatly appreciated. The linux port is coming but that
    is a separate project.

    Thanks,
    Justin


    Justin Guest

  2. #2

    Default Re: Network File serving options


    "Justin Robbs" <com> wrote in message
    news:bnrhfg$5o7$tdl.com... 
    interfaces 
    machine 
    the 
    know 
    via 
    the 
    only 
    very 
    one 
    that 

    Given your description, I'd have to say Yes.. NFS is the way to go.

    Nothing else would be as invisible to the client machines, requiring much
    more customization.

    NFS should be very stable, so long as the server it's self is. I've not
    had any issues with NFS under OSR505 or 506.

    bkx


    Stuart Guest

  3. #3

    Default Re: Network File serving options

     

    Thanks for the advice. That is about what I figured based on my limited
    experience.

    Justin


    Justin Guest

  4. #4

    Default Re: Network File serving options

    Justin Robbs wrote: 

    Far from perfect, but it does work on a LAN for copying files. NFS is less
    suitable for sharing a database, such as a flat file system.
     

    There has been some interaction in local file systems performance when
    using NFS, check back to some of Belas posts for the details.
     

    That is the most critical concept, in retail rule #1 is take the money.
    The design should allow the register to run even if the network cable
    is pulled.
     

    Mike

    --
    Michael Brown

    The Kingsway Group
    Mike Guest

  5. #5

    Default Re: Network File serving options

    In article <bnrhfg$5o7$tdl.com>, Justin Robbs
    <com> wrote:
     

    [other stuff deleted - only retaining pertinent part - wjv]
     

    Not haveing a published phone number fits the 'security through
    obscurity model' - and that has been shown to be one of the worst
    security mode that anyone tries.

    The old movie 'War Games' shows how easy this was done then, and
    it's even easier now.

    And now that you have posted this to a global NG all someone has to
    do is figure out the city you are calling from.

    Callback modems - if you must use modems - are a good route as they
    will only call back specific phone numbers.

    If you don't go that way you might want to try 'enhanced security
    through obscurity'.

    You invert the funtions of the modems, so that the server modem
    goes on line in originate mode [not answer mode] and you call that
    modem in answer mode.

    This means that if anyone dials the number they never get a modem
    tone, as the modem at the server is waiting for the tone. When you
    call the far side you get silence and then your modem issues the
    handshake tone.

    I've seen this implemented - and at least it will stop the random
    dialers who look for an answer tone.

    I'll get off my security rant now.

    Bill

    --
    Bill Vermillion - bv wjv . com
    Bill Guest

  6. #6

    Default Re: Network File serving options

    > Not haveing a published phone number fits the 'security through 

    Admittedly, it isn't the most secure method. But the powers that be are
    happy with that solution, coupled of course with a strong password.
     
    --snip-- 
    --snip-- 

    What other steps could be done to improve the system security, besides those
    posted? Nothing to specific, just some general recommendations.

    BTW, I didn't mean that security wasn't an issue for the system as a whole,
    but for the purposes of this discussion.

    Thanks,
    Justin


    Justin Guest

  7. #7

    Default Re: Network File serving options


    "Mike Brown" <ca> wrote in message news:ca... [/ref]
    two [/ref]
    interfaces [/ref]
    a [/ref]
    machine [/ref]
    registers). [/ref]
    the [/ref]
    know 
    >
    > Far from perfect, but it does work on a LAN for copying files. NFS is[/ref]
    less 

    It would be reading and writing transaction information to the various
    transaction files that we keep. I am thinking that I will keep the pricing
    information locally though as that is a pretty large file that obviously
    gets accessed frequently.

    --snip--
     

    Thanks, I will check that out.
     
    >
    > That is the most critical concept, in retail rule #1 is take the money.
    > The design should allow the register to run even if the network cable
    > is pulled.
    >[/ref]

    Yes, we always make sales. We have even made sales in power outages (10
    min. UPS battery). I will still write the sales information locally, but
    the file server part will be for reconciliation purposes. Currently we send
    data from register 1 to register 2 and vice versa, the sales information
    then matches on both machines. But we are running into situations where we
    need a site with 3 or 4 registers. Then it becomes easier for all machines
    to send sales to one place, rather than trying to ensure that all machines
    have the correct information.
     [/ref]
    because [/ref]
    that 
    >
    > Mike
    >
    > --
    > Michael Brown
    >
    > The Kingsway Group[/ref]


    Justin Guest

  8. #8

    Default Re: Network File serving options

    Justin Robbs wrote (on Fri, Oct 31, 2003 at 08:28:48AM -0700): 
    >
    > Admittedly, it isn't the most secure method. But the powers that be are
    > happy with that solution, coupled of course with a strong password.

    > --snip-- 
    >
    > What other steps could be done to improve the system security, besides those
    > posted? Nothing to specific, just some general recommendations.[/ref]

    ISTR that for SCO you can set up a "dial-up" password, needed to log on
    inaddition to the regular password. man passwd for details.

    Also, disable root login remotely. man login ("CONSOLE" option) for details.

    With an unguessable user name, and TWO strong passwords ('man goodpw'), your
    system is fairly secure - until someone writes the info down and sticks it on a
    post-it. :-(

     

    --
    _________________________________________
    Nachman Yaakov Ziskind, EA, LLM com
    Attorney and Counselor-at-Law http://ziskind.us
    Economic Group Pension Services http://egps.com
    Actuaries and Employee Benefit Consultants
    Nachman Guest

  9. #9

    Default Re: Network File serving options

    On Fri, 31 Oct 2003 08:28:48 -0700, "Justin Robbs"
    <com> wrote:
     

    I have a few modems sitting on servers used for a modem pool. In one
    case, the customer wanted an additional level of security. I found a
    modem with built in called ID authentication. The problem is that I
    can't recall the manufacturer and vaguely recall that the modem is a
    discontinued product. The modem also has its own password entry
    feature but that's not being used.

    OSR5 also has an additional password feature for specified shells as:
    /etc/d_passwd
    Run:
    passwd -m sh
    See:
    http://www.aplawrence.com/Bofcusm/239.html
    http://stage.caldera.com/cgi-bin/ssl_getmanpage?passwd+C+OS5
    for some additional clues.

    There are also the myriad of one-time password generators. They look
    like a calculator and generate a new password every few minutes based
    on a clock. I have one on a key fob. There are also programs that
    will run on the client machines to automate the login. No passwords
    to remember or key generator to lose. Look for the man pages on
    "S/KEY" (RFC1760) or OTPW. There are other one-time password
    standards. If you combine SSH (secure shell) and a one-time password
    system, methinks your security would be considered sufficient.


    --
    Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
    (831)421-6491 pgr (831)336-2558 home
    http://www.LearnByDestroying.com AE6KS
    santa-cruz.ca.us com
    Jeff Guest

  10. #10

    Default Re: Network File serving options

     

    Yeah we have that setup on our systems. I just figured it was standard.
     
    details. 
    your 
    on a 

    All of dial ups are done via automated scripts. When we change them, we
    just update the one program. There are only 3 or 4 of us who do manual
    logins and we keep the password the same for all our remote machines. With
    300 systems it can be difficult to rotate passwords regularly and remember
    them.

    Thanks for the tips.

    Justin


    Justin Guest

  11. #11

    Default Re: Network File serving options


    "Jeff Liebermann" <santa-cruz.ca.us> wrote in message
    news:com... [/ref]
    those 
    >
    > I have a few modems sitting on servers used for a modem pool. In one
    > case, the customer wanted an additional level of security. I found a
    > modem with built in called ID authentication. The problem is that I
    > can't recall the manufacturer and vaguely recall that the modem is a
    > discontinued product. The modem also has its own password entry
    > feature but that's not being used.
    >
    > OSR5 also has an additional password feature for specified shells as:
    > /etc/d_passwd
    > Run:
    > passwd -m sh
    > See:
    > http://www.aplawrence.com/Bofcusm/239.html
    > http://stage.caldera.com/cgi-bin/ssl_getmanpage?passwd+C+OS5
    > for some additional clues.
    >
    > There are also the myriad of one-time password generators. They look
    > like a calculator and generate a new password every few minutes based
    > on a clock. I have one on a key fob. There are also programs that
    > will run on the client machines to automate the login. No passwords
    > to remember or key generator to lose. Look for the man pages on
    > "S/KEY" (RFC1760) or OTPW. There are other one-time password
    > standards. If you combine SSH (secure shell) and a one-time password
    > system, methinks your security would be considered sufficient.
    >
    >
    > --
    > Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
    > (831)421-6491 pgr (831)336-2558 home
    > http://www.LearnByDestroying.com AE6KS
    > santa-cruz.ca.us com[/ref]

    Thanks for the information. I really appreciate it and will look into it.


    Justin Guest

Similar Threads

  1. Serving up a pdf file
    By David in forum PERL Beginners
    Replies: 3
    Last Post: July 21st, 11:12 PM
  2. MacIP serving on an internal network
    By matt in forum Mac Networking
    Replies: 11
    Last Post: September 20th, 10:24 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139