Reply With Quotewell, I suppose as long as /temp was writable, a gateway or any other server that doesnt have dynamic data could very much so benefit.
After a power blip caused my to have to drag my monitor over to my rooter to manually run fsck (its ext2), I wondered what were the implications of running the system as read only? I could mount /var/log on a floppy disk. Would it start playing up?
well, I suppose as long as /temp was writable, a gateway or any other server that doesnt have dynamic data could very much so benefit.
I've talked with people who run firewalls without any userland code. It's pure kernel and nothing else. Of course, you can't see a status or anything like that, just hope it runs, but it's secure as all get out (;
hmmm, if you want a really secured firewall, there's a neat trick you can pull in most linux variants that involves changing your rc1.d around so that everything but the kernel gets shutdown after it boots. But once the system has loaded the first time, it's already setup IPChains and passed alll those parameters to the kernel. With just the kernel left running, the routing still takes place, but there are hooks to get to anything else. No mounted drives, no scripts. nothing to hack.
Check out http://www.samag.com/documents/s=182...201d/0201d.htm for more info on halted firewalls
Posting Permissions
Bookmarks