?

Log in

No account? Create an account
entries friends calendar profile adric.net Previous Previous Next Next
A post to debian-firewall: Re: auto apt, reiser, and other things we… - nil.enroll(aetheric_username, quantum_class_id)
yljatlhQo'! QIch lo'laltbebej!
adric
adric
A post to debian-firewall:

Re: auto apt, reiser, and other things we might better not do an firewalls

I've been conflicted about whether to use Debian or OpenBSD
(and now EmBSD) for some nearly-embedded firewall stuff
I'm hacking on. Here's the way I'd love for it to work
with debian:
install from woody/sid, rm stuff, install ness. debs
(I'd like to use reiser for unattended reboots,
so I'm watching that thread)
config 2.4.x iptables for no spoofing and stateful
(other fun box hardening tricks ..)
use LIDS (?!) to lock down the system so even root/uid 0 can't
fsck things up

every month or more often as needed, I ssh in to these things,
auth to LIDS to gain write access and apt in hotfixes,
checking md5 and gpg (!),poke around a bit and then lock
it back down, log out ..

Since none (?) of those nifty things are ready for production yet,
then plan is to use EmBSD /OpenBSD, but I'd be quite interested in your comments.. particulary about LIDS

-adric (post echoed on my LJ)

Current Mood: not at Innovox yet :(
Current Music: air conditioner

Leave a comment