--- sirsky wrote:
Another possible solution is to simply run the firewall in a 'halted' state.
I'll explain. Basically when you halt the machine, everything shuts down, all userspace programs are killed, all filesystems are unmounted (and unmountable), modules unloaded, etc… and you're left with a machine that's dead to the world, and a message that tells you that you can turn off the PC.
I always forget about that option, but wouldn't you want at least one other process running other than networking and iptables? I like to get reports from time to time of attempted break-ins. Since the drives are not mounted there would need to be a way to gather this information and report it somewhere, like via email or writing to a remote drive? Perhaps even a CD? Writing to a remote CD might get a bit costly under heavy fire, but might be attractive for a commercial server.
Also, I notice that Symantec took such a beating on their "IE is safer than Firefox" article they've revisited that analysis and say well we're probably were kinda well .. you know ... wrong about that. Sorta. Somewhat. Who would have ever thought it? ;')
Brian JD
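Since the reply above is asking how to get break-in reports off a firewall whose disks are not mounted, here is an added example (not code from either poster) of the receiving end of that idea: the firewall logs dropped packets with an iptables LOG rule and the kernel messages are shipped to a remote syslog host, where a script like this one turns them into the periodic report Brian is asking for. It assumes a LOG rule of the form `iptables -A INPUT -j LOG --log-prefix "IPT-DROP: "` (the prefix name is an assumption), and the sample log lines are constructed for illustration in the standard iptables LOG format, including one unrelated sshd line that must be ignored.

```python
"""Summarise iptables LOG lines into a break-in report.

Added example, not from the original thread. Assumes the firewall logs
dropped packets with an iptables rule such as
    iptables -A INPUT -j LOG --log-prefix "IPT-DROP: "
and that the kernel messages reach a remote syslog host where this runs.
"""
import re
from collections import Counter

LOG_PREFIX = "IPT-DROP"  # assumed --log-prefix, minus the trailing ": "

# Constructed sample lines (RFC 5737 documentation addresses), including one
# non-firewall line that the parser must skip.
SAMPLE_LOG = """\
Mar  3 10:15:01 fw kernel: IPT-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1234 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Mar  3 10:15:02 fw kernel: IPT-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1235 DF PROTO=TCP SPT=51235 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Mar  3 10:15:03 fw kernel: IPT-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.1 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=9 PROTO=TCP SPT=6000 DPT=445 WINDOW=1024 RES=0x00 SYN URGP=0
Mar  3 10:15:04 fw kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1236 DF PROTO=TCP SPT=51236 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0
Mar  3 10:15:05 fw sshd[4242]: Accepted publickey for admin from 192.0.2.50 port 40000 ssh2
Mar  3 10:15:06 fw kernel: IPT-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=240 ID=10 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
"""

# Matches the kernel message produced by the assumed LOG rule. The optional
# "[ 123.456] " is the printk timestamp some syslog configurations keep.
_LINE_RE = re.compile(
    r"kernel: (?:\[\s*[\d.]+\] )?" + re.escape(LOG_PREFIX) + r": (?P<fields>IN=.*)$"
)
# KEY=VALUE pairs; VALUE may be empty (e.g. "OUT=") and bare flags like
# "DF" or "SYN" carry no "=" so they are simply not captured.
_KV_RE = re.compile(r"(\w+)=(\S*)")


def parse_log_line(line):
    """Return the KEY=VALUE fields of one iptables LOG line, or None if the
    line is not a LOG message with the expected prefix."""
    m = _LINE_RE.search(line)
    if not m:
        return None
    return dict(_KV_RE.findall(m.group("fields")))


def summarize(log_text):
    """Count dropped packets by source address, protocol and (proto, dport)."""
    by_src, by_proto, by_dport = Counter(), Counter(), Counter()
    total = 0
    for line in log_text.splitlines():
        fields = parse_log_line(line)
        if fields is None:
            continue
        total += 1
        proto = fields.get("PROTO", "?")
        by_src[fields.get("SRC", "?")] += 1
        by_proto[proto] += 1
        if "DPT" in fields:  # ICMP has no ports, only TYPE/CODE
            by_dport[(proto, int(fields["DPT"]))] += 1
    return {"total": total, "by_src": by_src, "by_proto": by_proto, "by_dport": by_dport}


def top_sources(summary, n=10):
    """Noisiest source addresses as a list of (ip, count), most frequent first."""
    return summary["by_src"].most_common(n)


def format_report(summary, n=10):
    """Plain-text report suitable for mailing from the log host."""
    lines = [f"Dropped packets: {summary['total']}", "", "Top sources:"]
    for ip, count in top_sources(summary, n):
        lines.append(f"  {ip:<16} {count}")
    lines.append("")
    lines.append("Top destination ports:")
    for (proto, port), count in summary["by_dport"].most_common(n):
        lines.append(f"  {proto}/{port:<10} {count}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(summarize(SAMPLE_LOG)))
```

On a real deployment the LOG rule should be rate-limited (`-m limit`) before the `-j LOG`, otherwise the "heavy fire" mentioned above turns into a syslog flood on the collector, and the report script would read the collector's kernel log file rather than the embedded sample.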