Date: Sat, 21 Dec 2002 18:39:34 -0800 (PST) From: randall ehren <randall@ucsb.edu> To: David Miller <dmiller@sparks.net> Cc: <freebsd-small@freebsd.org>, <freebsd-hardware@freebsd.org> Subject: Re: tripwire on compact flash Message-ID: <Pine.BSF.4.33.0212211831540.65268-100000@isber.ucsb.edu> In-Reply-To: <Pine.BSF.4.21.0212212118300.65406-100000@search.sparks.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > i setup a freebsd system running off of a compact flash card. i know that CF
> > cards have a limited life of read & writes so i wanted to know if running
> > tripwire on the card was a bad idea...?
>
> It's fine if you have it mounted read only virtually all the time. You
> don't say what you're using the system for, so we really can't guess
> whether that's possible or not.
the machine is being used as a ipfilter firewall (in bridge mode) for our
network. i default it to being mounted read-only but currently use mount -uw
so that i can change my ipf.rules file. (and then mount -ur to set it back)
> As for tripwire, flash would be an OK place to store the checksums. it's
> better if you have physical access to the system to have to change a write
> enable switch on a removable media. If you're talking about a remote
> system flash is as good as anything else.
well the device sits in a network closet and only has one flash card in it. i
suppose we could stick a floppy drive on it, but i was mostly concerned about
the heavy read operations on the CF card and how damaging that would be.
thanks!,
-randall
--
:// randall s. ehren :// voice 805.893.5632
:// systems administrator :// isber|survey|avss.ucsb.edu
:// institute for social, behavioral, and economic research
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-small" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0212211831540.65268-100000>