On Aug 15, 2013, at 9:18 PM, Brandon Martin <lists.nanog@monmotha.net> wrote:
As to why people wouldn't put them behind dedicated firewalls, imagine something like a single-server colo scenario.
I have asked about this on other lists, but I'll ask here. Does anyone know of a small (think Raspberry Pi sized) device that is: 1) USB powered. 2) Has two ethernet ports. 3) Runs some sort of standard open source OS? You might already see where I'm going with this, a small 2-port firewall device sitting in front of IPMI, and powered off the USB bus of the server. That way another RU isn't required. Making it fit in an expansion card slot and using an internal USB header might be interesting too, so from the outside it wasn't obvious what it was. I would actually like to see the thing only respond on the USB side, power + console, enabling consoling in and changing L2 firewall rules. No IP stack on it what so ever. That would be highly secure and simple. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/