
BLU Discuss list archive



Bootable CD w/OS for firewall



http://www.samag.com/documents/s=1824/sam0201d/0201d.htm

On Wed, Sep 15, 2004 at 11:15:39PM +0900, Derek Martin wrote:
> On Wed, Sep 15, 2004 at 09:12:57AM -0400, miah wrote:
> > advantage being if you get owned, you burn a new cd and reboot.  Since
> > it's all a read-only filesystem that loads into memory anything an
> > attacker does is temporary.
> 
> It is possible to run a firewall in "shut down" state.  That is, you
> run shutdown, so that no processes are running, no processes can be
> spawned, but the kernel continues to filter packets.  Under such
> circumstances, it's virtually impossible to be owned, unless you can
> find a way to inject code into the running kernel to be executed.  I
> forget where I first saw this, but I imagine a web search on something
> like "firewall shutdown linux" will turn up useful results.
> 
> -- 
> Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
> -=-=-=-=-
> This message is posted from an invalid address.  Replying to it will result in
> undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.
> 






BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org