Re: [SLUG] CD-Based Firewall

From: Paul M Foster (paulf@quillandmouse.com)
Date: Thu Nov 04 2004 - 18:27:11 EST


On Thu, Nov 04, 2004 at 05:35:29AM -0500, Bryan J. Smith wrote:

> On Wed, 2004-11-03 at 00:31, Paul M Foster wrote:
> > I have a Coyote firewall that runs on an old 486 and boots from a
> > floppy. This machine will not boot from a CD-ROM. I'm looking to replace
> > it with a machine that will boot from a CD-ROM. Because of this, I'm
> > looking for a firewall distro that boots from a CD-ROM and _does not
> > require either a floppy or hard drive_. In particular, it must handle
> > PPPoE, but needn't have anything other than SSH and/or web interfaces
> > for management. Since we're talking about a machine with no hard drive
> > or floppy, it has to be capable of being modified on another machine,
> > and then a new CD burned when one wants to modify the configuration. Let
> > me state again-- I'm looking for a CD-based firewall that does _not_
> > require a floppy nor hard drive to operate.
>
> Where are you going to store your logs?
> Are you going to redirect syslog to another system?
> Or keep them in memory?

They will be (as now) directed to one of the consoles.

>
> Where is your IDS?
> On this firewall, or do you use another system?
> I ask because IDS logs can really add up.
>

The IDS is the logs. If I need to, I switch to that console and look at
the logs going by. Understand-- the only service advertised on the box
is SSH, and then only to local machines. Otherwise, it NATs and blocks
traffic to almost everything else. My logging level is very high, so
it's clear when anything's going on.

Paul

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.


