KorpDeath> you could also have your firewall based on read-only media, and this would achieve the same effect. You could keep your rules on a floppy with the tab flipped to read-only, and then if you actually had to make a change to the rules, you just pop the floppy out, change the tab, make your change, then pop it back in. That way, you've got minimal downtime (the OS could be CD-based), and you still are able to modify your firewall rules when you want and how you want.Originally posted here by KorpDeath
It did however say that the disks would not be mounted. For a totally secure firewall there needs to be no way to get to the file system.
Nice idea but I can see some serious limitations.
IMO, Read-only access to your disks is way better than having a f/w running at runlevel 0.
Reply With Quote