From owner-freebsd-security Mon Feb 11 18:45:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from newman2.bestweb.net (newman2.bestweb.net [209.94.102.67]) by hub.freebsd.org (Postfix) with ESMTP id D4EBC37B64D for ; Mon, 11 Feb 2002 18:19:08 -0800 (PST) Received: from okeeffe.bestweb.net (okeefe.bestweb.net [209.94.100.110]) by newman2.bestweb.net (Postfix) with ESMTP id 8FBDD231A1; Mon, 11 Feb 2002 21:18:03 -0500 (EST) Received: by okeeffe.bestweb.net (Postfix, from userid 0) id 229539F3C8; Mon, 11 Feb 2002 21:12:44 -0500 (EST) Date: Sun, 10 Feb 2002 19:18:55 +0000 From: Ceri Storey To: Brett Glass Cc: security@FreeBSD.ORG Subject: Re: Is the technique described in this article do-able with FreeBSD + ipf? Message-Id: <20020212021244.229539F3C8@okeeffe.bestweb.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Feb 08, 2002 at 10:53:34PM -0700, Brett Glass wrote: > http://www.samag.com/documents/s=1824/sam0201d/0201d.htm > [running only kernel mode tools] I can see that this would be (almost) implementable with FreeBSD, if you say, customized the rc scripts to just configure the firewall etc, then unmount the disks and then go to sleep. That said, in a lot of circumstances, I'm fairly sure that a dedicated hardware firewall/router would be a lot saner. Just my 0.02 pounds sterling. -- Ceri Storey http://pkl.net/~cez/ vi(1)! postfix(7)! pie(5)! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message