This may be good for running a firewall or a webserver from, although kbob's point is
very good. Difficult to patch when exploits are found.
However, cracking a firewall or a webserver is rarely the goal (for larger companies,
and for really serious crackers). The real goal is that database full of customer
credit cards behind the webserver and the firewall. The firewall and webserver are
merely the portals into your network. They are gateways into the pot of gold inside.
That's one of the key things we are trying to protect: information. A website
defacement is not really a big deal, although it is bad for PR.
Other goals may be to crack your system in order to use it as a spam gateway for a few
hours, or to install DDoS tools to make your system part of a larger attack. Or your
system may just be a gateway for an attacker to crack into government or international
systems. This is where you need the firewall logs (difficult to log onto a
non-writeable system), and a patchable system.
Cory
On Wed, May 09, 2001 at 07:01:52PM -0700, Timothy Bolz wrote:
> I have a question about Demo Linux and possible could be used for other
> distros. If Demo Linux is runs from CD, it almost makes it hack proof is what
> I'm thinking. Sure everthing that is memory and mounted file systems would be
> hackable. But Let's say you have a cron job run a diagnostics on memory and
> file stucture. Since Demo Linux is run from a CD I believe it would be
> read-only. So If I got a Distro to where I like it I could burn it on a CD and
> it would read-only. I was talking to Larry about this and he said put it out
> on the list. Because what I was thinking you could have a cron job check most
> everything. Is this possible? So if you had a website that was going to
> remain static and it was read only no one could deface it. I know it would be
> slow as CD. What's your thoughts?
>
> Tim
