Skip to main content

Hardware Firewall

The best firewall is a hardware firewall that is completely separate from your operating system. It need not be a dedicated router, could be an old pentium box running Linux. Below I have found some sites that have How To's on setting up an outside hardware router using an old computer and using a little linux program that fits on a single floppy disk.

Brief Description:
floppyfw is a router with the advanced firewall-capabilities in Linux that fits on one single floppy disc.

Features:
Access lists, IP-masquerading (Network Address Translation), connection tracked packet filtering and (quite) advanced routing. Package for traffic shaping is also available.
Requires only a 386sx or better with two network interface cards, a 1.44MB floppy drive and 12MByte of RAM ( for less than 12M and no FPU, use the 1.0 series, which will stay maintained. )
Very simple packaging system. Is used for editors, PPP, VPN, traffic shaping and whatever comes up. (now this is looking even more like LRP (may it rest in peace) but floppyfw is not a fork.)
Logging through klogd/syslogd, both local and remote.
Serial support for console over serial port.
DHCP server and DNS cache for internal networks.

floppyfw

http://www.zelow.no/floppyfw/

Sentry Firewall CD-ROM is a Linux-based bootable CDROM suitable for use as an inexpensive and easy to maintain firewall, server, or IDS(Intrusion Detection System) Node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk, a local hard drive, and/or a network via HTTP(S), FTP, SFTP, or SCP.

The Sentry Firewall CD is a complete Linux system that runs off of an initial ramdisk, much like a floppy-based system, and a CD. The default kernel is a current 2.4.x series kernel with various Netfilter patches applied. An OpenWall-patched current 2.2.x kernel is also available on the CD.

Booting from the CDROM is a fairly familiar process. The BIOS execs the bootloader(Syslinux) - which then displays a bootprompt and loads the kernel and ramdisk into memory. Once the kernel is running, the ramdisk is then mounted as root(/). At this point our configuration scripts are run(written in perl) that configure the rest of the system. It is the job of these configure scripts to put the various startup and system files into the proper location using either what is declared in the configuration file(sentry.conf) or the system defaults located in the /etc/default directory.

Most of the critical files used at boot time can be replaced with your own copy when declared in the configuration file. This is essentially how we allow the user to configure the system using his/her own configuration and init files.

All of the binaries, files, scripts, etc, used to create the CD-ROM are also available on the CD-ROM. So, with a little practice, you can easily build and customize your own bootable Sentry Firewall CD. Please see the HOWTO for more details.

Sentry Firewall
ht*p://www.sentryfirewall.com/docs.html#overview

Comments

Popular posts from this blog

File and Folder Permissions

Windows XP Professional boxes running the NTFS file system have the capability to set indi vidual file permissions on both files and folders. File and folder permissions allow you to specify exactly who will be able to read, write, execute, and even list or access a folder. So, file and folder permissions can be a very powerful tool to protect your data from others' eyes. If your file system is FAT32, then you will not be able to set permissions. Fortunately, an easy way exists for you to convert your FAT32 file system to NTFS. Do a search in the Windows Help and Support Center for Convert to NTFS and you will be shown directions on how you can go about converting your drive's file system. Setting the permissions on with a lot of control requires you to disable simple file sharing and security. To do so, follow these steps: 1 . Open up any folder on your computer and expand the Tools menu and select Folder Options. 2 . Click the View tab and scroll to the bottom of the Adv...

Install Windows xp Very Fast

Now, this tip will be very helpful for those who frequently install windows xp operating system. Normally OS installation takes around 40 minutes to complete, but through this trick you can now save 10-15 minutes. This simple tricks goes this way. 1. Boot through Windows XP CD . 2. After all the files are completely loaded, you get the option to select the partition. Select “c”. 3. Now Format the partition, whether it is normal or quick with NTFS or FAT 4. Once the formatting is completed, All the setup files required for installation are copied. Restart your system by pressing Enter. Now, here begins the Simple trick to save 10-15 minutes. 5. After rebooting, you get a screen where it takes 40 minutes to complete or finalize the OS installation. 6. Now, Press SHIFT + F10 Key ->  This opens command prompt . 7. Enter “Taskmgr” at the command prompt window. This will open Task Manager. 8. Click the Process Tab, here we find a process called Setup.exe -...

10 Ways To Access Blocked WebSites

Websites like facebook, twitter and other social networking sites are generally blocked in schools, colleges and offices. There exist some tricks by which you can bypass the restrictions and access blocked sites, the most obvious is the use of proxies or Anonymizer websites. But using proxies doesn’t always works as they gets blocked by firewall as well . Here I am listing some other methods to access blocked contents. 1. Use IP instead of URL Each website has its equivalent ip address . This method works best when blocked sites are stored as a list of URLs  .You can use  ip address  to access blocked contents . For example to access facebook you can use  ip address 69.63.189.11 in your address bar . You can use ip-address.com to find the ip address of other websites . 2. Use Google Cache All major search engines like Google yahoo and Bing stores cached pages of websites themselves . You can access blocked websites by viewing their  cached copy on search...