[svlug] GFS presentation at BayLISA

Dagmar d'Surreal dagmar at dsurreal.org
Thu Feb 15 01:48:01 PST 2001

Previous message: [svlug] GFS presentation at BayLISA
Next message: [svlug] Help: nfs: RPC call returned error 111
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 14 Feb 2001, Tom Geller wrote:

> This is being forwarded by request from Matt O'Keefe of Sistina 
> Software, Inc. <http://www.sistina.com>.
> 
> 
> ---begin---
> 
> Hi,
> Ken Preslan of Sistina Software will give a talk on the latest
> GFS developments, including the FreeBSD port, at the montly
> BayLISA meeting in Palo Alto, CA this Thursday, Feb 15th, at 7:30pm.

For those of you who haven't checked this out yet, if it does what it says
it's fairly leet.  It allows one to build an "airgap" firewall like what
is sold by a few vendors for a ridiculous amount of money, since you can
have two machines able to use the same storage device at the same time.  
One gets a query, examines it, writes it to the storage unit and waits for
a response file to appear.  The other machine sees the query file, does
whatever with it, and writes the response file back to the storage device
and erases the query file.  The outer machine returns the contents of the
response file back to the remote client, erases it and gets on with life.  
Granted, it's fairly heavy-handed approach to stateful inspection, but
it's not as hard to implement securely considering that the inner machine
doesn't have to be connected to any public network segments at all.

Previous message: [svlug] GFS presentation at BayLISA
Next message: [svlug] Help: nfs: RPC call returned error 111
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list