On Monday 01 May 2006 17:53, Karsten Hilbert wrote: > > >Firewall replacement should be: boot firewall boot CD in > > >another machine with two network cards. > > > > Here are you using dedicated firewall hardware, or a PC, as the > > firewall (or does it matter)? > > PC with bootable linux/bsd based firewall CD-ROM. With > configuration either put onto a customized CD-R, a USB > stick, a floppy disc, etc. I use an IBM thin client 166MHz (cheap on ebay) with internal flash card (like in cameras). I put IPCop on it and it's rock solid. No probs whatsoever. It's so solid it even comes up after power failure without probs. No moving parts like cd rom, harddrive, no usb drive people can remove
Takes less than 10 minutes to install an configure (browser interface) Basically it's just like using an old pc but these thin clients were made for business use and run forever. I bought 5 for $200 I think. > > > Does "boot CD" mean to upload a config > > file to the firewall which, in order to work, would depend that the > > new firewall is interoperable for that config syntax and settings? > > No, it would mean boot a CD which boots a firewall system on > generic hardware - much like KNOPPIX does for a desktop. > Some configuration will have to be read from somewhere, > however - or typed in a boot time. Can be done but cds can be exchanged by attacker, don't last very long. are a pain in the ... to update > -- Sebastian Hilbert Leipzig / Germany [www.openmed.org] -> PGP welcome, HTML ->/dev/null ICQ: 86 07 67 86 -> No files, no URL's VoIP: callto://[EMAIL PROTECTED] My OS: Suse Linux. Geek by Nature, Linux by Choice _______________________________________________ Gnumed-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnumed-devel
