[ale] RE: [OT?][ale] smart routers?

Jonathan Glass jbjrglass at cox.net
Tue Aug 6 21:48:22 EDT 2002 

<stream of consciousness>
Interesting that you'd mention this.  My business partner and I have
been looking into this.  We have been trying to figure out how the best
way of deploying a 1U firewall/router.  The major point we've been
discussing is whether to make the router diskless or not.  I was
thinking it would be awesome to have the router software running off a
Bootable cdrom, but then I need to figure out how to update things
dynamically.  Some distros use a floppy...hmm.  I still have to be able
to redirect all logging to another host, as well as redirect all HTTP
traffic transparently to a squid circle.  

I wonder how small a linux install with squid, snort and iptables?

Anyone else feel like playing with something like this?  Any thoughts on
how to best deploy linux from ROM media while allowing customization?  
</stream of consciousness>

Jonathan


-----Original Message-----
From: Jonathan Rickman [mailto:jonathan at xcorps.net] 
To: ale at ale.org
Sent: Tuesday, August 06, 2002 8:56 PM
To: Christopher Fowler
Cc: Stephen Turner; ale at ale.org
Subject: Re: [ale] smart routers?


On Tue, 6 Aug 2002, Christopher Fowler wrote:

> Look at the Rebel routers.  My belief is that a properally executed 
> Linux embedded implementation can beat Cisco.  Problem is that many 
> people including me through together PC's to do the job.  This is fine

> at home but for business you need to get something that is reliable, 
> functional, secure, and has good warranty and support.  Cisco has all 
> these but some Linux firewall vendors have even better stuff.

I have no doubts that embedded Linux could theoretically topple IOS. But
in the context of Stephen's question, that's irrelevant. I also have no
doubts that Cisco engineers are studying open source code and borrowing
ideas for IOS. Sometimes I wonder why Cisco doesn't just open up IOS for
the community to poke, prod, hack, and improve. Sooner or later, the
Linux firewall vendors are going to put together a full featured router
that can act as a drop in replacement for Cisco equipment. Personally,
I'll be the first one in line to get one. IOS is a royal PITA. I'd much
rather see a bash prompt.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net


---
This message has been sent through the ALE general discussion list. See
http://www.ale.org/mailing-lists.shtml for more info. Problems should be

sent to listmaster at ale dot org.


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list