Which Red Hat?

J C Lawrence claw at kanga.nu
Mon Feb 17 21:35:30 PST 2003


On Mon, 17 Feb 2003 19:01:18 -0800 
Rick Moen <rick at linuxmafia.com> wrote:

> [Concurring with J C:} 

Damn it rick, you're going to embarrass somebody if you keep that up.

Quoting J C Lawrence (claw at kanga.nu):

>> I like making security equipment from atypical hardware platforms.
>> Sure, use a "standard" OS (*BSD, Linux, whatever), but run it on
>> something interesting.  Run it on Alpha, on MIPS, on PA-RISC,
>> something not x86.

> I like this idea, a lot.  For one thing, buffer overflows are much
> less of a problem on anything but x86.  

Not really.  They're still a problem, its just that the exploits
commonly found on cracker sites tend to be written with x86 in mind and
don't adapt cleanly to other platforms.  Its also worth remembering that
buffer/stack based exploits are just one possible exploit path among
many.

> One recurring problem is that _cheap_ non-x86 hardware only rarely can
> be conveniently made to have two reliable ethernet interfaces.  If you
> can find them used, NetWinders (StrongARM-based or Transmeta Crusoe)
> are good, being small, low-power, and quiet.  They came with one
> 10Base-T and one 10/100 port.

Alpha based Multias are another fairly readily available solution.  Get
the right model and they have an open PCI-slot in addition to the 10bT
on the mother.  Throw a 4-port NIC on there and you can build quite a
nice little router/firewall (done that).  SGI Indy's (the purple
mini-towers) also tend to be readily available and extra NICs for them
are cheap enough.

> Occasionally, you can find very cheap, low-end x86 laptops with two
> PCMCIA ports (e.g., late 486).  Comes with its own UPS.

Weirdstuff used to have a readily supply of such.  Unfortunately, by
definition they're x86.

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw at kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.



More information about the Baylisa mailing list