Whole document tree

Whole document tree

Sentry Firewall CD HOWTO: Introduction Next Previous Contents

1. Introduction

This is the long-overdue Sentry Firewall CDROM howto. I hope this document helps get you started using the Sentry Firewall CD and answers any questions you might have regarding how the system works. The most current version of this howto can be obtained at the following URL: http://www.SentryFirewall.com/files/howto/.

If you would like to add anything to this document, or if you have any questions or comments please feel free to email me, Obsid@Sentry.net.

1.1 What is the Sentry Firewall CD?

The Sentry Firewall CD is a Linux-based bootable CDROM suitable for use in a variety of different operating environments. The system is designed to be configured dynamically via a floppy disk or over a network. This allows one to configure the system dynamically, eventho much of the actual system is on read-only(CDROM) media.

1.2 Why would I use a CD-based firewall or server?

There are several advantages of using a CDROM based system in various security related environments. The main system is centered around the ramdisk; a compressed file system image which is loaded into RAM at boot time. Any changes to the ramdisk image are temporary, and will be undone upon the next reboot. Furthermore, the ramdisk, kernel, binaries, etc, related to the operating system are kept on read-only media(CDROM). This means that if the security of a box running a CDROM based system is ever compromised the attacker can at best own the box until the next reboot. So there is no real threat of having to go through the tedious task of rebuilding and hardening the system after a successful attack is discovered.

1.3 I'm a Linux newbie, will Sentry Firewall CD be a good choice for me?

At the moment, the Sentry Firewall CD is based on a pretty generic Slackware Linux system. You should probably be somewhat familiar with Linux and how to configure the system in order to get the most use out of the CD. But, even if you are a Linux newbie, I encourage you to give it a shot anyway - it's free, after all.

But, basically, there are no GUIs, no scripts to do it for you. The idea behind the configuration of the CD is that you are able to reconfigure the system by replacing the startup scripts and the various system and configuration files present on the system at boot time. Most of these are simply text files and shell scripts that you need to edit by hand in order to configure properly. There are, however, usually plenty of resources available to assist you in configuring a specific service or daemon(HOWTOs on linux.org, for example).

1.4 Minumum Requirements

  • x86 computer with CD-ROM
  • BIOS that supports the eltorito standard(booting from the cdrom).
  • 32MB RAM(64MB or more recommended)
  • Easy access to coffee/tea/soda or equivalent stimulant.
  • Floppy disk drive(optional)

1.5 Copyrights and Disclaimer

The current copyright and disclaimer can be found on the website; http://www.SentryFirewall.com/files/COPYRIGHT. It applies to the Sentry Firewall CD, and all the scripts and documentation associated with it.

Next Previous Contents