>
> No need. What's so hard about providing all these swoopy services on a
> machine located just *outside* your firewall, with a completely expendable
> OS and utilities that can be restored from tape in a couple of hours, and
> doing all your real work [including generating the master tree for your
> swoopy-server] behind the wall? Said machine will continue supplying swoopy
> services even if it's cracked, until the crackers manage to completely
> destroy it, after which you slap a tape on and restore it to its known
> configuration [maybe with some more holes plugged].
>
> It also gives you a "target" that you can carefully watch for weird activity
> against, if you want to spent the time trapping perpetrators.
>
> A warning to all callers that things they obtain from such a machine may not
> necessarily be trustworthy might be appropriate, though, so they might
> *expect* things like the wu-ftpd hole to show up.
>
> _H*
It's perfectly feasible to run such a system from a bootable
CDROM/readonly floppy/ram disk configuration (at least with Linux).
Optional HD to be reformatted/initialized from CD of course....
With CDD (writer) drives running <$4000 and disks about $15 each, this
is perfectly feasible.
sdw
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager
LIG dev./sales Internet: sdw @
lig .
net
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together
Newbie Notice: (Surfer's know the score...)
I speak for LIGCo., CCI, myself, and no one else, regardless of
where it is convenient to post from or thru.
References:
|
|
