Firewalls: Safety measures for firewall-local tools storage?

Firewalls
(January 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Safety measures for firewall-local tools storage?
From:	James Youngman <100647 . 453 @ compuserve . com>
Date:	17 Jan 96 12:47:26 EST
To:	"'Firewalls List'" <firewalls @ greatcircle . com>

I need (at least initially) tools installed that I can aceess from the firewall
machine.  Things like a compiler to compile TIS.  I could remove these when I
bring up the interface to the outside, but I wondered if anybody had an idea
about some measure that was still secure but didn't require this.

I thought of a filesystem mounted locally on an encrypted block device,
requiring a password from the console.  Any other suggestions?  Is this itself a
bad idea?

I rejected the idea of mounting them over NFS from a machine inside the
Firewall, believing this to be still less secure.  Any nay-sayers?

James.

Follow-Ups:

Re: Safety measures for firewall-local tools storage?
From: Tom Zerucha <root @ deimos . ceddec . com>

Indexed By Date	Previous:	ERROR REPLY: Firewalls-Digest V5 #14 From: ADMINISTRATOR . ROUTER @ us . wfl . com
Indexed By Date	Next:	RE: Internet-access from Novell - Un-Correction From: Juan Carlos Machado <juank @ ciat . cgiar . org>
Indexed By Thread	Previous:	ERROR REPLY: Firewalls-Digest V5 #14 From: ADMINISTRATOR . ROUTER @ us . wfl . com
Indexed By Thread	Next:	Re: Safety measures for firewall-local tools storage? From: Tom Zerucha <root @ deimos . ceddec . com>