Next message: Arun K.Khan: "Re: [LUNI] Questions on RH7 for firewall and ftp server..."
On Thu, Feb 01, 2001 at 09:15:07AM -0600, administrator@shapedwire.com wrote:
> while I like the lrp distro, the issue of requiring
> a non-anon ftp server does pose a problem with a 486, 16mb.
> of course this depends on what is being ftp'd, but
Nah, I doubt that system resources would be an issue for that. Aside from
not being able to put much stuff on the floppy. Would there even be room
for the ftpd and it's necessaries?
> lrp ceases to be lrp (the way it was intended to run) when
> leaving hard drives hooked up and mounted.
Or running FTP. Right. A good part of what makes LRP, or any other serious
firewall configuration, secure is exactly that it doesn't run a bunch of
unnecessary (w.r.t. being a firewall) services, which automatically
eliminates a majority of the sources of security bulletins - and system
break-ins. Having only a severly restricted amount of ramdisk for the
cracker to play aorund in is probably another very good feature in the event
that a break-in does occur, and mounting any writable drive (read: any drive
that isn't write-blocked in hardware) affords the hypothetical cracker more
resources to play with. Something like a CD-ROM with *nothing* executable
on it (not just nothing with execute permissions - you have to assume
he's got root and can get around any filesystem permissions) would seemto be
safe, but that's about it.
As I said just recently (but I think that was in a a newsgroup discussion),
this may be a higher level of paranoia than is warranted for a home user.
Unfortunately, you'll never know for sure unless you do get cracked, and
that's a little late. :-(
-=-
Linux Users Of Northern Illinois: General Discussion Mailing list.
For unsubscription, archives, and announcements only see http://luni.org
This archive was generated by hypermail 2b29
: Thu Feb 01 2001 - 10:29:57 CST