Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Securing a Linux Firewall

From: Gwendolynn ferch Elydyr <gwen () reptiles org>
Date: Wed, 24 Jul 2002 15:42:55 -0400 (EDT)
On Tue, 23 Jul 2002, John McDermott wrote:

One easy solution is to create a CD of the tools you want to use.  Most
of the debugging tools can be run from a CD with no problem.  When you
are out of debugging mode and back to production mode, remove the CD.


While this is definately a viable solution when you have easy physical
access to the machine in question, it degrades badly when you're handling
remote machines (where remote could be accross the city, country, or
world).

Beyond that, it's not always safe to assume that a box will have a cdrom
drive. If I'm looking to make it harder for someone with physical access
to modify my box inappropriately, I'll build it via the network, or remove
the cdrom after build...

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: