[ale] About that firewall machine [Was]Re: [ale] unidentified processes

Geoffrey esoteric at 3times25.net
Tue Dec 18 20:35:32 EST 2001


Thompson Freeman wrote:
> 
> I'm curious about what sort of firewall machine can be gotten these
> days. Obviously, an intel type proc with either a CDROM or other mass
> storage is available, but for one off projects are there any
> others? Massive compute horsepower isn't especially needed, so can
> something be assembled which draws perhaps 1-5 watts, carries at least two
> ethernet interfaces, and runs headless?

I've been looking into this lately.  There's really a ton of devices
that prety much meet these requirements.  They usually call them
dsl/broadband routers and they sit on the end of your dsl/broadband
device.  Actually, most will sit at the end of any ethernet connection.

I'll have two of them in place, hopefully by the end of the week.  One
is a combination router/dsl modem.  It does NAT and firewall stuff,
although I'll not be using any of it.

I'm also getting a device called Netgate which is a little larger then
my USR external modem.  It has 4 ethernet ports.  It is actually running
Linux and is being used by my employer to facilitate vpn connectivity to
the corporate network.  So, it does vpn, firewall, nat and I think it
can juggle.  I should be getting it tomorrow, so if anyones interested,
I can provide some more specific specs.

The reason I'm getting both devices is because when the Netgate fires up
the vpn, everything behind it is routed to the vpn and can not access
the internet. Since I've got some machines I want to have on the
internet all the time, I'll be putting the netgate behind the
dsl/router.  I'll have two static IPs one for the netgate device,
another for what will virtually be my 'other' network.

Going to be a lot of fun.

Again, anyone else want anymore info one these things, let me know and
I'll share what I have once I get these things in my grubby little
hands.

Also, go to http://www.pricewatch.com and check out the networking
router devices they list there.  Four < $100 they list a host of devices
that will do the routing, nat, firewall stuff.  I have no idea how good
they are, but there's a bunch of them out there.


--
Until later: Geoffrey		esoteric at 3times25.net

"...the system (Microsoft passport) carries significant risks to users
that
are not made adequately clear in the technical documentation available."
- David P. Kormann and Aviel D. Rubin, AT&T Labs - Research
- http://www.avirubin.com/passport.html

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list