... verify the recipient Luke before pressing the "send" button ;-)
"J-E.Schulz" wrote: > > Hi, > > as long as the server machines resides in a _really_ > restricted area (e.g. a machine room which may by > physically accessed only by trusted staff members) > You may have the chance to securly detect any physical > intrusion to the exposed clients. > > You may use a network boot server, suppling each client > the / and /etc directory. They may reside on a clients > ramdisk or overwriteable hard-disk partition. > > Require the clients to do their IP configuration via > DHCP or BOOTP, and if security is really a concern > ensure that the server supervise the reachability of > each client (e.g. ping each machine every 10 seconds) > and set them on a deny list (e.g. ipchains/iptables input > queue), if they don`t answer. > > So since rebooting manually, requires time (more than 10 seconds) > the physical intusion gets dectected and the offending > machine gets banned from further access to (any, when > get informed) other server or client on your local network. > > hope this helps, yours > > J-E
