Rolling your own firewall

Wednesday, 9 April 2003, 1:43 PM EST

I've been hearing a lot of talk lately about firewall appliances and how much of a pain they can be to use. Many of them tend to be Windows-specific in various ways, or they don't have all the flexibility us Penguin-heads have come to know and love with iptables. So, I decided to see exactly how much pain is involved in rolling your own firewall.

A visit to the scrap closet netted me a beautiful little machine: a Dell 486D/50, with 16MB of RAM, an 854MB Western Digital hard drive, a floppy and a 3Com 3C509 NIC. Add to that a Viking V.90 external modem, a second-hand 14" monitor and a keyboard to do the install with (the sticker on the monitor says $29.95), and we're ready to rip.

With all that hard drive space sitting there (you, in the back, stop snickering), I thought I'd go for something a little more powerful than your average floppy-based distribution. Indeed, I fired up LEAF for a few minutes, but realized I wanted a bit more. I had been looking at Pebble, a Debian-based mid-sized distribution, for a while, and it looked perfect for the job. Pebble is designed to run on a 128MB Compact Flash chip, but it works easily with other devices, including CD-ROM. It mounts root read-only and keeps the log files and other writables on a 10MB RAM disk; you can pull the plug on the box and lose only the logs. Pebble also is ext3-based, so if you lose something while tweaking the box, you don't have to fsck, which can be slow and painful on a 486.

[ Read more ]




Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //