[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack



John Wendel wrote:
[snip]
> What I'd really like is for system files to be mounted read only.
> Maybe by having a hardware switch that makes the system disk read
> only. Booting from a DVD that contained everything except /var, /tmp, and
> /home would be another alternative. This of course requires that
> everyone cleans up their code to only update files in /var, instead of
> writing in /etc.

Most code does.  /etc is for configuration files, so you would only have
to remount it read-write to configure things.  You would also have to
remount to do any kind of software installs/updates.

> I'm sure some smart people have already worked out the details for a
> system like this. Anyone aware of this kind of work? I'd be interested in
> seeing it.

Just about all the "thin client" models use it.

-- 
William Hooper


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]