Date: Sun, 22 Dec 2002 10:18:49 -0500 (EST)
From: David Miller
To: randall ehren
Cc: freebsd-small@freebsd.org, freebsd-hardware@freebsd.org
Subject: Re: tripwire on compact flash

On Sat, 21 Dec 2002, randall ehren wrote:

> > > i setup a freebsd system running off of a compact flash card. i know that CF
> > > cards have a limited life of read & writes so i wanted to know if running
> > > tripwire on the card was a bad idea...?
> >
> > It's fine if you have it mounted read only virtually all the time. You
> > don't say what you're using the system for, so we really can't guess
> > whether that's possible or not.
>
> the machine is being used as a ipfilter firewall (in bridge mode) for our
> network. i default it to being mounted read-only but currently use mount -uw
> so that i can change my ipf.rules file. (and then mount -ur to set it back)
>
> > As for tripwire, flash would be an OK place to store the checksums. it's
> > better if you have physical access to the system to have to change a write
> > enable switch on a removable media. If you're talking about a remote
> > system flash is as good as anything else.
>
> well the device sits in a network closet and only has one flash card in it. i
> suppose we could stick a floppy drive on it, but i was mostly concerned about
> the heavy read operations on the CF card and how damaging that would be.

My understanding is that you can read from them an unlimited number of times,
it's only the number of times you can write to them that's limited. The last
set of flash cards I got were limited to a million write cycles, iirc.

--- David