Bootable CD w/OS for firewall

Derek Martin invalid at pizzashack.org
Wed Sep 15 10:16:00 EDT 2004


On Wed, Sep 15, 2004 at 09:12:57AM -0400, miah wrote:
> advantage being if you get owned, you burn a new cd and reboot.  Since
> it's all a read-only filesystem that loads into memory, anything an
> attacker does is temporary.

It is possible to run a firewall in "shut down" state.  That is, you
run shutdown, so that no processes are running, no processes can be
spawned, but the kernel continues to filter packets.  Under such
circumstances, it's virtually impossible to be owned, unless you can
find a way to inject code into the running kernel to be executed.  I
forget where I first saw this, but I imagine a web search on something
like "firewall shutdown linux" will turn up useful results.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.
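The kernel-side rule set that such a CD-booted firewall would load before userland is torn down, together with a sanity check to run on the file before it is burned to the image. This is an added example, not code from the original post or from any project it mentions; the interface names, file paths, function names and the check's criteria are all assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): write the netfilter rule set a
# CD-booted firewall loads into the kernel at boot, then sanity-check it
# before it goes onto the image. Names and paths here are assumptions.

# write_ruleset FILE WAN_IF LAN_IF
# Emits a default-deny iptables-restore rule set: loopback and already
# established traffic are allowed, LAN hosts may be forwarded out to the WAN,
# and everything else is dropped by the built-in chain policies. Once loaded,
# the kernel enforces this with no userland process involved.
write_ruleset() {
    _file=$1; _wan=$2; _lan=$3
    cat > "$_file" <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $_lan -o $_wan -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# check_ruleset FILE
# Returns 0 when FILE is a complete filter table whose built-in chains all
# default to DROP and which contains no INPUT rule accepting new traffic from
# anything other than the loopback interface; returns 1 otherwise.
check_ruleset() {
    _file=$1
    grep -q '^\*filter$' "$_file" || return 1
    grep -q '^COMMIT$' "$_file" || return 1
    for _chain in INPUT FORWARD OUTPUT; do
        grep -q "^:$_chain DROP " "$_file" || return 1
    done
    # Any INPUT ACCEPT rule must be the loopback rule or the state-match
    # rule; anything else opens a listening path into the box itself.
    grep '^-A INPUT .*-j ACCEPT' "$_file" \
        | grep -v -e '-i lo ' -e '--state ESTABLISHED,RELATED' \
        | grep -q . && return 1
    return 0
}

# load_ruleset FILE
# Loads the rules into the running kernel. Only meaningful as root on a
# Linux host with iptables installed, so it is not called automatically.
load_ruleset() {
    iptables-restore < "$1"
}
```

Run `write_ruleset /tmp/fw.rules eth0 eth1 && check_ruleset /tmp/fw.rules` on the build host; only if the check passes does `load_ruleset` belong in the image's boot sequence. The check is deliberately strict: on a box that will have no processes left to answer connections, there is no reason for INPUT to accept anything new.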
