> > How do you protect against corruption/replacement of the daemon software
> > that checks the images?
>
> Keep it in physically unwritable media, like a CD-R in a CD-ROM drive.
Sure, for one box. How about for 200? With folks using all their CD
drives all day long to listen to music? Anybody can secure ONE box by
just turning off all the network services, but most of the solutions
like this don't scale worth a damn and are totally useless in a large
scale environment except for cleaning up the mess once a cracker has
come and gone.
rgb
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb@phy.duke.edu
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/