Firewall Wizards mailing list archives
Re: chroot useful?
From: Colin Campbell <sgcccdc () citec qld gov au>
Date: Fri, 21 Nov 1997 10:43:27 +1000 (EST)
My mailer thinks Paul McNabb said:
From anton () Toronto com Mon Nov 17 19:05 CST 1997 At 05:27 PM 17/11/97 -0600, Paul McNabb wrote: > >IMHO, stripping down a system by removing unnecessary utilities, services, >and processes reduces the chances of leaving a hole open and is absolutely >essential for making a firewall "secure", but it does little towards making >the remaining services more secure. What about stripping down the kernel and removing things of dubious nature?Absolutely. I think most people would agree that the smaller the code, the better.
Consider WatchGuard. No hard drive, proxies of sorts and SPF and it all fits on a boot floppy in under 500KB. Colin
Current thread:
- Re: Firewalling DCOM and brethren, (continued)
- Re: Firewalling DCOM and brethren Magossa'nyi A'rpa'd (Nov 21)
- Re: chroot useful? Anton J Aylward (Nov 17)
- RE: chroot useful? Joseph Judge (Nov 17)
- Re: chroot useful? Paul McNabb (Nov 17)
- Re: chroot useful? Paul McNabb (Nov 17)
- Re: chroot useful? C. Harald Koch (Nov 20)
- Re: chroot useful? Anton J Aylward (Nov 20)
- Re: chroot useful? chuck yerkes (Nov 21)
- Re: chroot useful? Adam Shostack (Nov 21)
- Re: chroot useful? chuck yerkes (Nov 21)
- Re: chroot useful? Paul McNabb (Nov 20)
- Re: chroot useful? Colin Campbell (Nov 21)
- Small code (was Re: chroot useful?) chuck yerkes (Nov 23)
- Re: chroot useful? Colin Campbell (Nov 21)
- Re: chroot useful? Anton J Aylward (Nov 21)