DNSBOX’s security hardened Linux based operating system (OS) is a custom-built appliance ‘distribution’, developed by ApplianSys to maximise security and reliability. The OS has been stripped clean and locked down:
- Programs, services and files found on a standard Linux distribution that are not required for a DDI appliance are removed. This makes DNSBOX more secure and boot significantly faster than a standard Linux server.
- The appliance is protected by a fully configurable on-box firewall: ports are only opened in the firewall as needed when services are enabled. All other traffic is dropped.
- DNSBOX uses a read-only compressed file-system. This is best practice for appliances, being extremely solid and reliable. The fact that core operating system files are maintained read-only adds an extra security layer and avoids accidental damage from user errors.
The OS has a small footprint: once booted, it is retained in RAM, making it very fast.
 |