Sentry Firewall CD 1.5.0 RC16 reviewDownload
Sentry Firewall CD-ROM is a Linux-based bootable CDROM suitable for use as an inexpensive and easy to maintain firewall, server, or I
Sentry Firewall CD-ROM is a Linux-based bootable CDROM suitable for use as an inexpensive and easy to maintain firewall, server, or IDS(Intrusion Detection System) Node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk, a local hard drive, and/or a network via HTTP(S), FTP, SFTP, or SCP.
The Sentry Firewall CD is a complete Linux system that runs off of an initial ramdisk, much like a floppy-based system, and a CD. The default kernel is a current 2.4.x series kernel with various Netfilter patches applied. An OpenWall-patched current 2.2.x kernel is also available on the CD.
Booting from the CDROM is a fairly familiar process. The BIOS execs the bootloader(Syslinux) - which then displays a bootprompt and loads the kernel and ramdisk into memory. Once the kernel is running, the ramdisk is then mounted as root(/). At this point our configuration scripts are run(written in perl) that configure the rest of the system. It is the job of these configure scripts to put the various startup and system files into the proper location using either what is declared in the configuration file(sentry.conf) or the system defaults located in the /etc/default directory.
Most of the critical files used at boot time can be replaced with your own copy when declared in the configuration file. This is essentially how we allow the user to configure the system using his/her own configuration and init files.
All of the binaries, files, scripts, etc, used to create the CD-ROM are also available on the CD-ROM. So, with a little practice, you can easily build and customize your own bootable Sentry Firewall CD.
Here are some key features of "Sentry Firewall CD":
Current Linux Kernel: 2.4.28-ow1
OpenWall security patch(-ow1).
Ebtables bridge+netfilter patch.
Modules-off patch [ More Info | Patch ]
Snort IDS v2.2.0
OpenSSH and OpenSSL
Many other daemons and binaries you may need -- Apache, Sendmail, Squid, Perl, BIND (static/chroot), and more.
Sentry Firewall CD 1.5.0 RC16 search tags