Hi,
I read your reply to another question, in which you stated that the Linux 2.0.x
kernel
has the ability to turn off the operating system, but leave the kernel running. How is
this done? Or more of, where can I find documentation to do this? Thanks in advance.
Darren [EMAIL PROTECTED]
>>I have several firewalls in use running on Linux for the following reasons
>>(in no particular order)
>>
>>1. it is cheap, both the software and the hardware. This means that when
>>someone proposes putting a firewall somewhere it is mostly a matter of
>>time to install it (the PC we usually scrounge from someone who is
>>upgrading). free vs. ~$20,000 for a sun solution is a powerful argument
>>especially if you would like to deploy several
>>
>>2. in part becouse it is cheap you can deploy several of them each tuned
>>to the particular job rather then getting one big multi-legged box to
>>connect several networks. As each firewall is simpler it is easier to
>>setup and less likly to be misconfigured.
>>
>>3. If you need basic packet filtering everything is there already, The
>>same thing if you need many -> one NAT (linux calls it masquerading). If
>>you need proxys you can get a basic set in the FWTK and can reasonably
>>crate more specialized ones yourself.
>>
>>4. with the 2.0 kernel series if you don't need proxys you can setup a
>>firewall that configures itself and then halts the system. The kernel will
>>continue to run and move your packets, but there is no userspace running
>>for someone to crack into, with the 2.2. kernels that is not possible now,
>>but people are working to re-enable it (the 2.2 kernel decides that if
>>init dies the system needs to reboot and does so immediatly)
>>
Is there some documentation somewhere to do this??
>>if you use linux you will want to be careful when you install it to strip
>>things down. A full firewall install including perl should be in the
>>40-50MB range for slackware and 90MB range for redhat (redhat installs a
>>_lot_ of libraries that I have not jet had time to weed through and
>>eliminate)
>>
>>David Lang
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
