 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Wed, Sep 15, 2004 at 11:15:39PM +0900, Derek Martin wrote: > On Wed, Sep 15, 2004 at 09:12:57AM -0400, miah wrote: > > advantage being if you get owned, you burn a new cd and reboot. Since > > its all a read-only filesystem that loads into memory anything an > > attacker does is temporary. > > It is possible to run a firewall in "shut down" state. That is, you > run shutdown, so that no processes are running, no processes can be > spawned, but the kernel continues to filter packets. Under such > circumstances, it's virtually impossible to be owned, unless you can > find a way to inject code into the running kernel to be executed. I > forget where I first saw this, but I imagine a web search on something > like "firewall shutdown linux" will turn up useful results. > > -- > Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 > -=-=-=-=- > This message is posted from an invalid address. Replying to it will result in > undeliverable mail. Sorry for the inconvenience. Thank the spammers. > Thats interesting, I'd never thought about doing that. -miah
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
