[rescue] Fair Warning RPC Worm
Daniel de Young
daniel at velvetsea.com
Tue Aug 12 13:40:18 CDT 2003
On Tue, 2003-08-12 at 11:06, Curtis H. Wilbar Jr. wrote:
> Depending on your network architecture... if there is a place on the
> ethernet where you can insert a firewall.. you can use OpenBSD as
> a firewall/filtering bridge. Completely transparent to traceroute, etc.
> Doesn't interrupt your network either... no reconfiguring, no routes to
> add, etc.
Amen!
> I use one with three ethernet ports... two for the bridge, and a third
> that connects to the inside switch that get's ip'd which is used as the
> interface to ssh into, etc for management.
It's been awhile, but I've used this config in the past with great
results.
> It is quite a sweet setup, very stable, and works terrific. I even used
> a 200MB IDE flash drive to avoide moving parts.... in theory the flash
> drive will eventually fail (it does have a /var that is written to for
> logs.... the theory was eventually to NFS mount that... but then if the
> NFS server went away I don't know what the firewall would do... so I
> never did go that route).
Sounds sweet.
-Daniel
More information about the rescue
mailing list