[LUNI] CDROM based firewalls: Sentry & Redwall
Carey Tyler Schug
SqrFolkDnc at comcast.net
Tue Dec 7 12:06:41 CST 2004
Nobody on this list is using Sentry or Redwall? Or any other
CDROM/Floppy only firewall?
I have been aware of floppy firewalls. Maybe if there were a
ready-to-go dual floppy, but my goals were:
1. Fully configured, no having to figure out and select the correct
Ethernet card drivers (or, having to buy the correct card to match what
2. additional functionality, like squid-guard, maybe mail virus
scanning, honey pots, etc
Benefits of #1 are:
--When a new version comes out, burn the cd and drop it in, no
--If a new version fails, just put the old CD back into the machine.
--to set up a firewall from a friend, just copy the floppy config and
burn another CD, if the hardware is a little different, it doesn't matter.
--If my PC dies, move the network cards and just drop the CD and floppy
into a different pc
--if an Ethernet card dies, just drop in another card, not necessarily
the same type.
Benefits of #2 include:
--this would require customization, but maybe I could add download-only
TFTP for loading IOS on Cisco routers & switches
--learn more tools
--maybe it could be used for anything else that needs to ALWAYS be up,
though I realize one shouldn't put a lot on the firewall, as it is the
only machine I never shut off.
--could it be a simple print server?
Times have changed. There was a time when finding an old PC not
worth using for anything else, meant a 486 or Pentium 50 with 8 meg RAM,
a dead hard drive and no cdrom.
I've got piles of cdrom drives (4x or so) not worth using anywhere
else. A Pentium 133 with 16 or 32 megs RAM isn't worth using on
anything else either, so it's the new low-end firewall machine. The
biggest problem is that the old machine may not boot directly from
CDROM, so there might be a need for code on the floppy to boot from the
Williamson, Brad wrote:
>If you're bent on not having a hard disk, take a look at FloppyFW