I was going over some of my old links (in backup CDs) and found this interesting link to creating 1.680MB floppy disks for use in floppy-based routers and gateways:
http://www.trevormarshall.com/byte_articles/byte19.htm
This made me think about the whole concept of the PC-based router/bridge. Floppy disks have the write-protect tab on them, making them easily switched (provided you have direct access to the PC) from write-protect to run the router, to flipping the write-protect tab for editing the router, and then flipping it back to write-protect once you are finished with the edit.
What can the modern PC-based router use to duplicate this nice combination of security and ease of editing? You can duplicate the security (and possibly make it better) with a write-once CD-R, but to make changes you have to write an entirely new CD. ReWritable CDs aren't a good idea precisely because they have no "write-protect tab". The same might go for a memory key, since there is no "write-protect tab" for a memory key.
I've been taking training classes with Cisco routers recently, and the one issue they all seem to have is that if someone manages to get past an interface password and then a configuration password (two words: "social engineering"), even without physical access to the router, they can change (and access) what they like. While I've been told there are ways around the write protect tab, it seems to me that having some form of physical write-protect on the media used to store configuration files would be a good idea for modern routers.
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com