> I think, for many with security concerns, it would be preferable to set up a
> "Prime Proxy" of some sort.
> --- snip ---
As a network manager, could I point out that it really doesn't help
security at all, though it may make the security manager's job
easier. The point is, one "hole" in a firewall is just as dangerous as
many.
> This would have definitely helped me out big since with 2500 or
> so machines all going to one web site, though the data was small
> the proxy server's activity wouldn't go unnoticed to be sure.
The point here is that the site firewall could be set up to pass traffic
to the PrimeNet server from one host only - the local Prime server -
thus removing the ability for the PrimeNet server to directly
"contaminate" participating machines. (Or vice versa...)
I don't really want to restart this thread, but I thought the core of the
US West problem was that there was a great deal more traffic
between the participants and the server than should have been the
case, due to the server going down, due to running out of
exponents (back in v15 days). Though this traffic in itself should not
have threatened US West's services, there was a coincidence with
a probably unrelated problem resulting in poor service, which
resulted in Prime95 being blamed because the PrimeNet traffic was
"discovered" during the investigation into the poor service problem.
> By consolidating the Internet traffic in this manner, you get more efficient
> use of the Internet connection when many machines are involved.
If you have a permanent connection to the Internet (as most largish
sites will have), then it's actually slightly better to have a string of
small messages at random times, than the same total amount of
data presented as a "point load". But the volume we're talking
about wrt PrimeNet is pretty insignificant.
If you have an intermittent (dial-up modem or ISDN) connection and
the cost of making calls is non-zero, then, as Aaron says, it's
definitely cheaper to batch up data locally & send it in one block.
> Or let's say you have many machines on a network that isn't
> connected to the internet at all.
Eh? Does anyone outside of a treatment ward for terminal paranoia
still work this way??
> It sounds like a good idea to me, and obviously I haven't explored the
> possibilities too much, but that's the general idea.
It *is* a Good Idea - especially for sites with a largish number of
users - but the *real* benefits are in terms of reducing the load on
the "master" server. OK, we have some way to go yet before the
problem becomes critical, but as a distributed project grows, the
need to distribute the server functions also gets more urgent. This
is on the grounds of redundancy (no single point of failure) as well
as of load-sharing.
Regards
Brian Beesley
p.s. Does this discussion really belong on the PrimeNet list rather
than the mersenne list? Obviously there is a direct connection with
GIMPS project and therefore an indirect connection to Mersenne
numbers, but there's not much mathematical content in this
message, or in the message which triggered this response.
If people have strong views on where this discussion should
continue, could you please mail me privately, some time next week
I'll post a (brief) summary of the responses.
