I'm a big phan of SentryCD ( <a href="http://www.sentryfirewall.com/">http://www.sentryfirewall.com/</a> ) , although I think it's moribund at the moment. It's CD-based but runs boot scripts off a floppy drive so you can load custom packages or configure it for your hardware. <br>
<br>I use a couple of same-brand NICs mounted in an el-cheapo used Pentium 2 box which a buddy of mine fobbed off on me when I took some other hardware I wanted more from him. I think it has 128MB of memory, which is plenty for what I'm doing. You can probably buy an equivalent one at some place like MicroSeconds ( <a href="http://www.microseconds.net/?page=AboutUs&set_location=GA">http://www.microseconds.net/?page=AboutUs&set_location=GA</a> ) for less than $100 if absolutely necessary. Tearing the HD out and running a CD-based distro will lower your power requirements and keep things quieter -- definitely an asset in a house where you're paying for heat, cooling and power. Plus I think it makes the system more durable. I run the actual hardware 24/7 on a UPS and eventually the power-supply poops out. When that happens I spend a couple of hours transferring the NICs and reconfiguring the software and I'm back on the air. A box run in this fashion usually lasts 3-4 years for me.<br>
<br>My wireless network is set up with coova ( <a href="http://coova.org">http://coova.org</a>) on a WRT54GL connected behind my firewall. I'm still workin' out some details on this, but it's functional and (reasonably) secure I think. I'm running an open hotspot with a terms of service page, but coova also has a variety of other authentication options which might be useful depending on your circumstances. Much khouler than Linksys's shipped software, yet easier to configure than raw OpenWRT can be. And I'm with Bruce Schneier ( ( <a href="http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110">http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110</a> ) on offering a cup of internet to my neighbors.<br>
<br>-- CHS<br><br><br><div class="gmail_quote">On Wed, Nov 5, 2008 at 9:19 AM, Jim Lynch <span dir="ltr"><<a href="mailto:ale_nospam@fayettedigital.com">ale_nospam@fayettedigital.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">Geoffrey wrote:<br>
> Courtney Thomas wrote:<br>
><br>
>> Greetings !<br>
>><br>
>> I want to use a standalone Linux box, possibly running from a CD and through<br>
>> which all must pass, at least from the internet, that will be a firewall for<br>
>> my home LAN. But if running from a CD gains nothing, forget it. I have<br>
>> several older idle boxes if they'd suffice. I can also go wired or wireless,<br>
>> and am receptive to any setup.<br>
>><br>
>> What recommendation(s) do you have for such a box, please ?<br>
>><br>
><br>
> Smoothwall<br>
><br>
><br>
</div>Just curious, do you have to have a system with two NICs to run a<br>
firewall? From a security standpoint, it make sense but is it a requirement?<br>
<br>
Thanks,<br>
<font color="#888888">Jim.<br>
</font><div><div></div><div class="Wj3C7c">_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
</div></div></blockquote></div><br>