Auto Mount USB

Roland Smith rsmith at
Mon Aug 18 21:15:01 UTC 2008

On Mon, Aug 18, 2008 at 04:21:41PM -0400, Brian Miller wrote:
> Not a big deal. I will be sure to just mount and dismount the USB drives
> manually. They are just there to store a config and log backup on the
> firewall.

If an attacker has gained access to the system, anything mounted locally
should be deemed unreliable.

> I am doing this so that if I have a failure or attack or some
> other type of crash. I will be able to check out the latest config and
> logs.

I suppose that you know that you can use syslogd to log to another
machine? And you could use logger(1) to read config files into the log.

That would be much safer because it's a one-way street. You can log to
another machine, but you cannot delete from the logfile on the other
machine, unless it's compromised as well.

[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list