Embedded Firewalll (Score 1)

Your approach to securing a Linux firewall is an interesting exercise because it highlights the issues of many software firewalls that depend upon the host OS for their own security. 3Com sells an embedded firewall NIC that provides a packet filter which is managed by a management interface that runs off box. Thus, there is not even a management process on the protected host for an attacker to take control of. Even the firewall administrator cannot spawn a process on the firewall NIC. The NIC sends its audit data over the network to the firewall administrator's machine (encrypted of course). This allows the administrator to manage the firewall without being onsite. The embedded firewall on a NIC provides a very secure yet inexpensive firewall for single host. It is cheaper and smaller than dedicating an entire box. It also addresses the remote management and auditing issues others have raised. This makes is very interesting for remote machines that must be protected by an administrator at the central office. It should give you everything your halted firewall does plus remote management.