-
June 5th, 2002, 10:24 AM
#1
-
June 5th, 2002, 10:50 AM
#2
Hmmm... basically Link-Sys Router on a floppy? Well... I haven't had direct experience with these, but I've done nasty things (in the past) and burned BSD-like OS' to a CDROM and run them off of there. Yeah, it's a bit of a trick - and might be more than you wanted to do in this instance (you get to do neat little things like relocate swap, /var and other highly dynamic stuff in to memory - or at least to a writeable disk (much better for the preservation of said logs... LOL)). This tends to have a side-effect, however, of needing two systems... one to come up with the system on and the other being the actual system.
I'd further venture that you could likely do the same with an OpenBSD floppy... though I think that still wants two floppies to get its kernel and RAM disk loaded.
Blah, it's late... I should be thinking like this at this hour (or at least trying to make sense out of my writing)
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
-
June 6th, 2002, 04:28 AM
#3
Junior Member
Coyote Linux is worth consideration.
http://www.coyotelinux.com
Where\'s the booze? -- Harry Dunne Dumb and Dumber
-
June 6th, 2002, 04:32 AM
#4
Member
Draziw,
Thanks... I should have known that it would be a bad idea, I just didn't give it enough thought (by brain was fried, I think )... So I guess I'll cough up another 75 to get enough parts to get another system set up... Oh well... That's all part of the game, so it's cool.
You're response did inspire a question or two, however...
Let's say I was to go ahead and burn my OS onto CDROM, get 128 megs of RAM (allocate 36 megs to system, 73 to /swap, and then 19 to /var... How difficult would it be to create a process that would send all the logs to an email address once the available space on /var reaches a certain point (and then flush each log, clearing up space for the process to start over)?
You mentioned something about needing a second system (why? or is that only if I wanted to use disk space, but didn't have a spare drive?)
If this is workable setup, then thats something that I would like to learn to do (maybe a future experiment in the planning).
I've heard about this once before, but it was way over my head at the time (two years playing with FreeBSD, and it seems that I've still only scratched the surface ). Is there a specific name for setting up a system like this (ie, how would I go about researching it)? Know of any good books on it?
Much thanks! (still soaking it in)
Rev
Many will ask, \"Where do you want to go today?\" because they\'re still scratching for ideas.
With *NIX, there\'s already a way. The sum of us just need roadmaps to get there.
-
June 6th, 2002, 06:24 AM
#5
If you are running one system(firewall) off of a CD, and you have your main system behind it, you could just run a syslog server of some type(yes they are out there for windows) on your main system and have your firewall send all important messages to that system.... There is no need to get so complex with email logs, etc.. etc..
Good Luck,
IchNiSan
-
June 6th, 2002, 07:11 AM
#6
Member
IchNiSan,
I had considered that, but it would present nasty problems if my main system (I'm assuming you're talking about my web/mail server) had to be shut down or disconnected (for updating purposes, etc...).
I could be wrong, but it seems to me that the more independant a system is, the better it is for the entire LAN. The only desireable "co-dependancy" on my LAN is in regards to Internet access. It just seems that is the best way (like I said, I could be wrong because I know there's a world of possibilities out there, and I still consider myself a newbie to *NIX).
Thanks for the input, though. (besides, it's not like this is something I'm going to do right away... I definately want to learn how, but it will have to be a future project...)
Best regards,
Rev
Many will ask, \"Where do you want to go today?\" because they\'re still scratching for ideas.
With *NIX, there\'s already a way. The sum of us just need roadmaps to get there.
-
June 7th, 2002, 03:41 PM
#7
There's a linux-based-firewall-router-on-a-floppy called BBIAgent. That would do everything you need and you don't need much of anything to run it.
The page is www.bbiagent.com .
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
June 7th, 2002, 04:27 PM
#8
I use Freesco at home it's really very good.
The config is simple enough for anyone who knows enough about IP to be setting up a router anyway, no Linux knowledge is required (and indeed few Linux commands actually work)
It takes a while to boot from a floppy, and there doesn't seem to be any provision for backing the floppy up (except while the router is shut down), which is a pity (if you eject the disc, the router will start misbehaving in some respects as it needs to access this disc occasionally)
It has very low hardware requirements (8Mb 486), is pretty secure "out of the box" and works on most systems (Quite a few common ethernet cards are supported). A bit tricky to get right if you have non-plug and play ISA ethernet cards, but otherwise ok.
I run mine as a NAT router, DHCP server, DNS primary (for internal zone only!), and DNS cache. It also supports port forwarding but that's a bit ropey to set up.
-
June 7th, 2002, 05:26 PM
#9
Originally posted here by Vorlin
There's a linux-based-firewall-router-on-a-floppy called BBIAgent. That would do everything you need and you don't need much of anything to run it.
The page is www.bbiagent.com .
hehe... Vorlin, that's usually my reply... promoting BBIagent.
Indeed BBIagent is like freesco (perhaps even easier to use). It's pretty secure.
But for the particular problem in this thread, if I understand correctly, BBIagent is not the best choice cause it has less features then Freesco. Freesco can act as a simple bridge with up to 3 Ethernet segments or as a router with up to 3 Ethernet segments. While BBIagent only acts as a router / firewall / bridge between 2 ethernet segments.
WAN ----> LAN
Here the problem is:
Code:
WAN ---> LAN1
---> LAN2
However thx to promote BBIAgent
-
June 7th, 2002, 09:03 PM
#10
Member
Thx, all...
I spent a couple of hours playing with freesco, but decided to stick with that I have (FreeBSD) for the following reasons:
- blackhole settings?
- tripwire, AV scanner, sendmail daemon, etc (although I could install on HDD and have the necessary realty, but that would defeat my purpose)
- DoS attack "condom"
- securelevel?
Not that there's anything wrong with freesco, but I like the features I have set up now... It's no "biggie." Thanks again for the responses (esp draziw... You gave me lots to think about and definately inspired a future project)
Best regards,
Rev
Many will ask, \"Where do you want to go today?\" because they\'re still scratching for ideas.
With *NIX, there\'s already a way. The sum of us just need roadmaps to get there.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|