Date: Tue, 15 Jan 2002 00:06:41 -0500 From: Nathan Mace <nmace85@yahoo.com> To: freebsd-chat@freebsd.org Subject: a CDROM based firewall Message-ID: <200201150509.AAA07250@uce55.uchaswv.edu>
next in thread | raw e-mail | index | archive | help
what do you guys think of a "free" style licenced BSD based firewall on a bootable CDROM? i know that suse linux provides this as a linux based product but it is commerical, and i'm not sure how popular it is or how well it works. i was thinking that i could make an ISO image that when burned to a CDROM, which when booted it would copy itself to memory, and then run from there. you could setup a ram drive to be the /tmp directory, and optionally you could have a hard drive to hold the log files. that way if it ever got cracked, all you'd have to do is reboot it to be back to a known good state. since the CDROM is read-only there is nothing the cracker could hurt except the logs, which could be setup to be emailed to you via cron. i've talked to some people i know about this idea, and someone pointed out that you'd have to burn a CDR every time you wanted to permenatly chage the firewall rules, but what would be wrong with linking the filewall conf(rules) file to a file on the floppy drive? you could edit it on a different computer, and then set the floppy disk to be phsically read-only. mount the disk and restart the firewall deamon causing it to re-read the new file. anyone see any serious problems with this? anyone know if there are any projects like this already out there? thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201150509.AAA07250>