[ previous ] [ next ] [ threads ]
 From:  "Pavel A. Grodek" <m0n0wall at abletools dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: MFS
 Date:  Sat, 29 Oct 2005 13:41:55 +0400
Hello Paul,

Saturday, October 29, 2005, 6:57:35 AM, you wrote:

PT> be easily penetrated.)  If your Monowall machine gets hacked and
PT> you want to ensure it's safe, unplug the WAN and reboot.  We all
PT> know that if a piece of malware takes hold on your Windows box,
PT> there is no telling how far it will embed itself in the system...
PT> A simple reboot will do nothing in Windows to get rid of
PT> malware... Hmm... Perhaps an MFS version of Windows?.. :)  But
PT> seriously....

I don't really think this is a really important consideration.
Basically, if you've been hacked once, it would be trivial to hack you
again after you reboot back to your original image.

Such things as ability to boot from some ancient CD-ROM drive and have
less hardware to break in this computer and easily survive random
reboots are much more important.

PT> I will admit that the built-your-own MFS approach may be more work
PT> than a lot of people are willing to go to get started...  But, I
PT> would be willing to say that if someone close to the project would
PT> create known-good development VM's and then wrote a bit of
PT> instruction just explaining the layout and how things work in
PT> general, I imagine that we'd have more active developers on the
PT> project...

I have to agree - with a pre-made development VM a lot of development
tasks would be accessible to people who don't want or just don't have
time to do everything from scratch, but are willing to help.

Best regards,
 Pavel                            mailto:m0n0wall at abletools dot com