I'm trying to port Bering 1.2 to a Compaq 2266. It should be trivial,
but the BIOS refuses to recognize a 1680KB extended format floppy, so
syslinux won't boot it.
Now, one of my primary criteria for my firewalls is not to allow access
to permanent storage. It has a 4GB HD, and the current configuration is:
hda0: Win98SE (for easier control of the PCI NIC & modem),
hda1: swap
hda2: RHL7.2 (to control grub, among other thngs),
hda3: LEAF/Bering.
I had hopes I could get the floppy-based Bering running from the HD
without even allowing IDE drivers in the system, tried that and got
Bering running with grub to the point that LINUXRC couldn't load the
packages, but now see in the documentation I need to add IDE drivers to
/boot/modules.
Darn. So now my question is what can I do to prevent a hacker able to
penetrate Bering (which I believe hasn't yet been demonstrated) from
accessing the hard drive? Unmount & remove /dev/hda3? Unload & remove
the drivers from /boot/modules? Something else? (I realize this is only
a bit of "slight of hand", hiding something present, hoping it isn't
discovered.)
p.s. I thought maybe I could get grub to chainload syslinux:
title LEAF/Bering via syslinux
hide (hd0,0)
unhide (hd0,3)
makeactive
rootnoverify (hd0,3)
chainloader +1
but I haven't quite figured that out yet. Has anybody gone this way?
Paul Rogers ([EMAIL PROTECTED])
http://www.xprt.net/~pgrogers/
http://www.angelfire.com/or/paulrogers/
Rogers' Second Law: "Everything you do communicates."
(I do not personally endorse any additions after this line. TANSTAAFL
:-)
________________________________________________________________
The best thing to hit the Internet in years - Juno SpeedBand!
Surf the Web up to FIVE TIMES FASTER!
Only $14.95/ month - visit www.juno.com to sign up today!
-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
