From owner-freebsd-chat Sun Dec 22 23: 5:49 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6381F37B4A4 for ; Sun, 22 Dec 2002 23:05:44 -0800 (PST) Received: from marvin.bsdng.org (24-159-239-62.jvl.wi.charter.com [24.159.239.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0E08C43ED8 for ; Sun, 22 Dec 2002 23:05:42 -0800 (PST) (envelope-from mkm@ieee.org) Received: from marvin.bsdng.org (localhost [127.0.0.1]) by marvin.bsdng.org (8.12.6/8.12.6) with ESMTP id gBN11LGv007007; Mon, 23 Dec 2002 01:01:45 GMT (envelope-from mkm@ieee.org) Date: Wed, 6 Nov 2002 07:54:03 -0600 From: Kyle Martin To: Nathan Mace Cc: chat@freebsd.org Subject: Re: Does this exist? Message-ID: <20021106135403.GA82947@marvin.bsdng.org> References: <119245048150.20021105193336@myrealbox.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <119245048150.20021105193336@myrealbox.com> User-Agent: Mutt/1.4i Lines: 41 Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Nov 05, 2002 at 07:33:36PM -0500, Nathan Mace wrote: > Date: Tue, 5 Nov 2002 19:33:36 -0500 > From: Nathan Mace > To: freebsd-chat@FreeBSD.ORG > Subject: Does this exist? > > first of all, I'm not sure this is the proper place to be asking this, > however as far as i know this mailing list isn't restricted to a > particular subject except FreeBSD in general. > > that said, my question is this: > > Are there any open source projects out there that are working on > making a slim OS that will boot off of a CD, load itself into memory > and run from completely within RAM, and never touch a hard > drive.......now i know there are...there are several "live" Linux CD's which > do this but let me finish my question.........are there any that can > do this, and are aimed at firewall's? > > as cheap as RAM for PC's is now, why couldn't a company afford to buy > say 512* megs of ram and have a firewall that runs totally in ram and > boots from a CD-R? think about that for a second. if system got > comprised, what could the "bad guy" do? he couldn't install anything that > would last because as soon as the sys-admin discovered he was there, > they could re-boot the machine, and since it boots off of a read-only > "hard drive" you know that it hasn't been comprised, and the ram that > it uses for a temporary hard drive would be instantly formatted. granted if > someone got in once they can do it again as soon as the machine was up > and running again......but how is that any different than a machine > that runs off of a hard drive? you would still have to wait on an > update or patch. and if you had this in a production environment you > could have a dedicated machine running FreeBSD and when the patch came > out you could install the patch to that box, and then burn a new image > that was created from that OS and boom. your firewall is not upgraded > picobsd(8) -- Kyle Martin mkm@ieee.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message