Date: Wed, 6 Nov 2002 07:54:03 -0600 From: Kyle Martin <mkm@ieee.org> To: Nathan Mace <nmace@myrealbox.com> Cc: chat@freebsd.org Subject: Re: Does this exist? Message-ID: <20021106135403.GA82947@marvin.bsdng.org> In-Reply-To: <119245048150.20021105193336@myrealbox.com> References: <119245048150.20021105193336@myrealbox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 05, 2002 at 07:33:36PM -0500, Nathan Mace wrote: > Date: Tue, 5 Nov 2002 19:33:36 -0500 > From: Nathan Mace <nmace@myrealbox.com> > To: freebsd-chat@FreeBSD.ORG > Subject: Does this exist? > > first of all, I'm not sure this is the proper place to be asking this, > however as far as i know this mailing list isn't restricted to a > particular subject except FreeBSD in general. > > that said, my question is this: > > Are there any open source projects out there that are working on > making a slim OS that will boot off of a CD, load itself into memory > and run from completely within RAM, and never touch a hard > drive.......now i know there are...there are several "live" Linux CD's which > do this but let me finish my question.........are there any that can > do this, and are aimed at firewall's? > > as cheap as RAM for PC's is now, why couldn't a company afford to buy > say 512* megs of ram and have a firewall that runs totally in ram and > boots from a CD-R? think about that for a second. if system got > comprised, what could the "bad guy" do? he couldn't install anything that > would last because as soon as the sys-admin discovered he was there, > they could re-boot the machine, and since it boots off of a read-only > "hard drive" you know that it hasn't been comprised, and the ram that > it uses for a temporary hard drive would be instantly formatted. granted if > someone got in once they can do it again as soon as the machine was up > and running again......but how is that any different than a machine > that runs off of a hard drive? you would still have to wait on an > update or patch. and if you had this in a production environment you > could have a dedicated machine running FreeBSD and when the patch came > out you could install the patch to that box, and then burn a new image > that was created from that OS and boom. your firewall is not upgraded > picobsd(8) -- Kyle Martin mkm@ieee.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021106135403.GA82947>