Bootable CD w/OS for firewall
miah
jjohnson at sunrise-linux.com
Wed Sep 15 09:42:00 EDT 2004
You keep your ssh key on your firewall? Sounds like a bad idea to me,
ipsec, you have to, but you can issue a new key easily, so its not a
big deal.
-miah
On Wed, Sep 15, 2004 at 09:33:12AM -0400, Derek Atkins wrote:
> miah <jjohnson at sunrise-linux.com> writes:
>
> > advantage being if you get owned, you burn a new cd and reboot. Since
> > its all a read-only filesystem that loads into memory anything an
> > attacker does is temporary.
>
> Except when they compromise your (ssh/ipsec) keys...
>
> > -miah
>
> -derek
>
> --
> Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
> warlord at MIT.EDU PGP key available
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
>
More information about the Discuss
mailing list