Not to mention such a system doesn't have the ability to log (or do any other such important tasks).
Paul. -- Paul Armstrong <[EMAIL PROTECTED]> Cybersource Pty/Ltd. System administration and development. Floor 9 / 140 Queen St. Melbourne. Ph: 9642 5997 Fax: 9642 5998 On Mon, Feb 11, 2002 at 03:10:26PM -0600, Ron DuFresne wrote: > As far as I can tell, talking with the writer of the article and others > after it;s release, little testing has been done to determine if such a > setup can withstand any significant attack or probing in a setting whence > the traffic loads were more then minimal and or the rules installed were > also, more then minimal also. Little testing under stressful conditions > has yet been preformed to determine is such a device is ready for > primtetime, YMMV... > > Thanks, > > Ron DuFresne > > On Sun, 10 Feb 2002, Kim, Cameron wrote: > > > So After reading the article, Have you heard of anyone doing this with > > Solaris or FreeBSD? Or even with a Application layer product like Checkpoint > > or Raptor? In theory.. It may be possible > > > > -----Original Message----- > > From: David Lang [mailto:[EMAIL PROTECTED]] > > Sent: Friday, February 08, 2002 6:33 PM > > To: David Endler > > Cc: [EMAIL PROTECTED] > > Subject: Re: running a firewall in halted state > > > > > > yep, been doing it for years. the fun part is explaining to auditors why you > > are having to reboot the box when they ask you to show you it's config > > :-) > > > > if you can get away with packet filtering and are willing to go without logs > > it sure eases concerns about vunerable services on the box (the only bug > > that can bite you is a kernel bug and they are _Very_ rare) > > > > David Lang > > > > > > On Fri, 8 Feb 2002, David Endler wrote: > > > > > Date: Fri, 8 Feb 2002 16:21:39 -0500 > > > From: David Endler <[EMAIL PROTECTED]> > > > To: [EMAIL PROTECTED] > > > Subject: running a firewall in halted state > > > > > > Here's a link to a Sys Admin Magazine article about how to run a linux > > > firewall in halted state. pretty cool idea. > > > > > > http://www.samag.com/documents/s=1824/sam0201d/0201d.htm > > > <http://www.samag.com/documents/s=1824/sam0201d/0201d.htm> _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
