Rolling your own firewall

Wednesday, 9 April 2003, 1:43 PM EST

I've been hearing a lot of talk lately about firewall appliances and how much of a pain they can be to use. Many of them tend to be Windows-specific in various ways, or they don't have all the flexibility us Penguin-heads have come to know and love with iptables. So, I decided to see exactly how much pain is involved in rolling your own firewall.

A visit to the scrap closet netted me a beautiful little machine: a Dell 486D/50, with 16MB of RAM, an 854MB Western Digital hard drive, a floppy and a 3Com 3C509 NIC. Add to that a Viking V.90 external modem, a second-hand 14" monitor and a keyboard to do the install with (the sticker on the monitor says $29.95), and we're ready to rip.

With all that hard drive space sitting there (you, in the back, stop snickering), I thought I'd go for something a little more powerful than your average floppy-based distribution. Indeed, I fired up LEAF for a few minutes, but realized I wanted a bit more. I had been looking at Pebble, a Debian-based mid-sized distribution, for a while, and it looked perfect for the job. Pebble is designed to run on a 128MB Compact Flash chip, but it works easily with other devices, including CD-ROM. It mounts root read-only and keeps the log files and other writables on a 10MB RAM disk; you can pull the plug on the box and lose only the logs. Pebble also is ext3-based, so if you lose something while tweaking the box, you don't have to fsck, which can be slow and painful on a 486.

[ Read more ]


The big picture of protecting and securing Big Data

Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Aug 28th