Hi,

For the last few days I have been thinking of remastering Knoppix for a firewall machine. The main aim is to:
1. Remove unnecessary packages to reduce the size of the CD
2. Recompile the kernel to remove unnecessary drivers to reduce its RAM footprint
3. Configure Knoppix so that it reads a set of iptables rules from a write-protected floppy.
This way I can boot the firewall machine from a CD and have it read firewall rules from a write-protected floppy. Even if a cracker does manage to break into the system, they cannot change any of the binaries, and I can get back to a known state simply by rebooting. I was trying to find out if such a distro exists (don't want to re-invent the wheel...), and I did find a few...
1. CDFW (CD Firewall), based on RH
2. SentryFirewall, has 2 lines, one based on Slackware, and the other based on RH
3. Gibraltar (this is still pre-release), based on Debian
Another solution would be to use a floppy based distribution such as:
1. Coyote Linux (they have stopped further work on the floppy distro, and they only support ipchains)
2. floppyfw
Has anyone used these or similar distros for a firewall? What are the implications of using a 'CD/floppy' based solution vs an 'only floppy' based solution?
Thanks,
Parag