[LUNI] CDROM based firewalls: Sentry & Redwall
Carey Tyler Schug
SqrFolkDnc at comcast.net
Tue Dec 7 12:06:41 CST 2004
Nobody on this list is using Sentry or Redwall? Or any other
CDROM/Floppy only firewall?
I have been aware of floppy firewalls. Maybe if there were a
ready-to-go dual floppy, but my goals were:
1. Fully configured, no having to figure out and select the correct
Ethernet card drivers (or, having to buy the correct card to match what
is there)
2. additional functionality, like squid-guard, maybe mail virus
scanning, honey pots, etc
Benefits of #1 are:
--When a new version comes out, burn the cd and drop it in, no
installation.
--If a new version fails, just put the old CD back into the machine.
--to set up a firewall from a friend, just copy the floppy config and
burn another CD; if the hardware is a little different, it doesn't matter.
--If my PC dies, move the network cards and just drop the CD and floppy
into a different pc
--if an Ethernet card dies, just drop in another card, not necessarily
the same type.
Benefits of #2 include:
--this would require customization, but maybe I could add download-only
TFTP for loading IOS on Cisco routers & switches
--learn more tools
--maybe it could be used for anything else that needs to ALWAYS be up,
though I realize one shouldn't put a lot on the firewall, as it is the
only machine I never shut off.
--could it be a simple print server?
Times have changed. There was a time when finding an old PC not
worth using for anything else meant a 486 or Pentium 50 with 8 meg RAM,
a dead hard drive and no cdrom.
I've got piles of cdrom drives (4x or so) not worth using anywhere
else. A Pentium 133 with 16 or 32 megs RAM isn't worth using on
anything else either, so it's the new low-end firewall machine. The
biggest problem is that the old machine may not boot directly from
CDROM, so there might be a need for code on the floppy to boot from the
cdrom drive.
Williamson, Brad wrote:
>If you're bent on not having a hard disk, take a look at FloppyFW
>http://www.zelow.no/floppyfw/
>