Yep...., except that the real information that is being transmitted by the firewall is inside an encrypted VPN. Also the file system itself is encrypted. The firewall won't accept SSH from just any system. It's locked down. I'm just trying to make it extremely difficult for an unauthorized user to get access to it. Rick. | | Way too much work with no tangible benefits. If you did all this, what is | to keep a malicious attacker from dropping in a $10 hub, then setting up a | monitoring station. He/She could just walk in occaisionally and get the | logs off, or worse, set up a cheap access point and just pull into the | parking lot, SSH into their sniffer machine, and get the logs that way. | | Physically secure the machines or don't think too hard about it. Stripping | the servers down to a CPU/RAM/HD and ethernet ports won't provide much | additional security. | |
