On Sat, May 31, 2003 at 12:12:44PM -0300, [EMAIL PROTECTED] wrote: > What's the advantage of having the Firewall/NAT rules written on a CD-R media?
A very simple convenience factor. If the firewall is cracked in some form, a simple reboot will re-initialize it, forcing the attacker to re-crack it, if he or she wishes to retain control of it. If the attacker was a rather casual peruser, he or she may not bother re-cracking, and your life can go on as normal for a few days while you build a new firewall that is not vulnerable to whatever was used in the attack. Of course, this assumes the attacker was noisy enough for you to notice it. If he or she does his or her job well enough, you'll never notice, and you're right -- there is practically zero benefit to having the rules be on a CD-R at that point. :) -- "It seems the power has been robbed from the founding fathers and is now firmly in the hand of the funding fathers." -- Rik van Riel
pgp00000.pgp
Description: PGP signature
