>proxies to all interfaces anymore. Also, since most are hybrids, they >normally also packet filter everything on OSen where you can't just rip >out all the non-proxy stuff (Solaris anyone?.)
Actually you can remove big hunks of solaris's kernel. Just rm -f the modules. You keep doing this until the box won't boot, then reinstall from scratch, and repeat up to just before the last thing you removed :-) I haven't done this since 2.6 mind, and it helped having the process automated, but its still a lot of work. Now if netbsd had run MP on ultra 450's back then... That same bastion + ipfilter was also good for a low risk high volume link too btw. --sjg _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
