[Wolves] Firewalls
David Goodwin
dg at clocksoft.com
Thu Jul 21 08:42:29 BST 2005
> I think whether the medium that the software is stored on is writable is
> the main issue. You want to be able to update but yoiu don't want anyone
> else to. I've been talking to a colleague today who built a FW from a
> mini-ATX board with three net ports on the motherboard and ran ipcop
> from a protected memory card. He couldn't find the board in Google today
> though. I've heard of other people storing the config on a CD but in
> both cases you then need another system where you can write the media..
I'm not totally convinced of the "it's secure because it's read-only"
argument. Unless you're reburning a new cd each time a security update
comes out I'd have thought it's of limited value. Yes, you can obviously
just reboot it and know you're back to a clean state - but if there was
a security hole, it will just be exploited again.
David.
--
David Goodwin
w: http://www.clocksoft.co.uk
e: david.goodwin at clocksoft.com
t: 0121 313 3850
More information about the Wolves
mailing list