Dennis Glatting wrote:
>
> On Fri, 4 Aug 2000, Andre-John Mas wrote:
>
[SNIP]
> >
> > Though if the devices already use ethernet, then each device would
> > already have its own MAC address, and the IP address would be DHCP
> > assignable. As stated earlier once firewall/routers/DHCP server combos
> > come down in price, preferbly below $200, you will probably see these
> > devices as becoming standard. These devices would provide a level of
> > intrusion security and would be able to assign address to the devices
> > in the home, as is already done in most LANs.
> >
>
> Firewalls do indeed provide a level of security but they are also
> vulnerable to attack and code and configuration entropy -- there are many
> examples of this. Also, if you have a trusted party managing your HVAC
> system and that trusted part is cracked, a firewall will probably provide
> no defense.
>
I suppose what's needed here is some sort of EPROM, that stores an image
of
the system, and re-copies that image to main memory every day. The EPROM
could only be written to by pressing a hardware switch, otherwise it is
read-only. Since there are Linux based firewall solutions that fit on a
floppy, this sort of approach shouldn't be too difficult.
Andre
