From owner-freebsd-chat Wed Nov 6 5:54:23 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7EF5C37B401 for ; Wed, 6 Nov 2002 05:54:22 -0800 (PST) Received: from marvin.bsdng.org (24-159-234-52.jvl.wi.charter.com [24.159.234.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7DCA543E8A for ; Wed, 6 Nov 2002 05:54:21 -0800 (PST) (envelope-from mkm@marvin.bsdng.org) Received: from marvin.bsdng.org (marvin [127.0.0.1]) by marvin.bsdng.org (8.12.6/8.12.5) with ESMTP id gA6Ds3nn084694; Wed, 6 Nov 2002 07:54:03 -0600 (CST) (envelope-from mkm@marvin.bsdng.org) Received: (from mkm@localhost) by marvin.bsdng.org (8.12.6/8.12.6/Submit) id gA6Ds3xR084693; Wed, 6 Nov 2002 07:54:03 -0600 (CST) Date: Wed, 6 Nov 2002 07:54:03 -0600 From: Kyle Martin To: Nathan Mace Cc: chat@freebsd.org Subject: Re: Does this exist? Message-ID: <20021106135403.GA82947@marvin.bsdng.org> References: <119245048150.20021105193336@myrealbox.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <119245048150.20021105193336@myrealbox.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Nov 05, 2002 at 07:33:36PM -0500, Nathan Mace wrote: > Date: Tue, 5 Nov 2002 19:33:36 -0500 > From: Nathan Mace > To: freebsd-chat@FreeBSD.ORG > Subject: Does this exist? > > first of all, I'm not sure this is the proper place to be asking this, > however as far as i know this mailing list isn't restricted to a > particular subject except FreeBSD in general. > > that said, my question is this: > > Are there any open source projects out there that are working on > making a slim OS that will boot off of a CD, load itself into memory > and run from completely within RAM, and never touch a hard > drive.......now i know there are...there are several "live" Linux CD's which > do this but let me finish my question.........are there any that can > do this, and are aimed at firewall's? > > as cheap as RAM for PC's is now, why couldn't a company afford to buy > say 512* megs of ram and have a firewall that runs totally in ram and > boots from a CD-R? think about that for a second. if system got > comprised, what could the "bad guy" do? he couldn't install anything that > would last because as soon as the sys-admin discovered he was there, > they could re-boot the machine, and since it boots off of a read-only > "hard drive" you know that it hasn't been comprised, and the ram that > it uses for a temporary hard drive would be instantly formatted. granted if > someone got in once they can do it again as soon as the machine was up > and running again......but how is that any different than a machine > that runs off of a hard drive? you would still have to wait on an > update or patch. and if you had this in a production environment you > could have a dedicated machine running FreeBSD and when the patch came > out you could install the patch to that box, and then burn a new image > that was created from that OS and boom. your firewall is not upgraded > picobsd(8) -- Kyle Martin mkm@ieee.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message