View Single Post
Old 03-27-09, 12:13 PM
  #13  
mlts22 
Senior Member
 
Join Date: Aug 2006
Posts: 998
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times in 0 Posts
The advantage of USB is that it is simple to use and requires no TCP/IP stack, network drivers, CIFS shares. Just plug in and go. Eventually I'd like to offer eSATA for a boot disk.

Here are the advantages of such a configuration that uses a LVM RAID 5 backend:

1: I can implement change logging technology where I can make a disk image, have any changes to a log partition and then on command, dump all changes, reverting back to the original partition. This is on a sector basis, below the filesystem. The advantage of this is that a machine can have a boot disk for testing to be reverted back, and no matter how bad the malware infection is, it is revertable no matter what.

2: I can mount the machine's filesystem read-only from the Linux side, make a snapshot using the LVM functionality while the machine is running, and do full or incremental backups of the filesystem, completely independant of the machine itself.

3: I can implement a dm-crypt loopback encrypted layer that uses a cryptographic tokens and a PINpad on the physical box. The PC that is plugged into it requires no drivers and doesn't care about the encryption as long as it can see the drive image.

4: I can implement a UFS filesystem layer so all writes are kept permanently and cryptographically signed with a timestamp by the machine. This allows me to create an external box that can be used for archiving of files for long term compliance to SOX and HIPAA.
mlts22 is offline