More specialty Linuxes to the rescue

Whether your focus is security, storage, music, or religion, there's a flavor of Linux that fits the bill

IPCop has no specific hardware requirements other than that the host be i386 based. (An earlier release supported the Alpha processor.) Documentation even boasts that obsolete hardware is frequently used to host an IPCop system. The system comes with a number of services: intrusion detection via Snort, the IPSec VPN system, and Web caching via squid. Perhaps its strongest feature is its wide range of status and logging information. IPCop produces real-time scrolling graphs of CPU usage and memory usage, as well as traffic statistics on each of the colored networks. You can also view a table of all connections established on each network.

Setup time is less than a half hour (depending on the complexity of your network), and the online documentation is sufficient even for someone setting up a firewall for the first time.

m0n0wall

With m0n0wall Linux, the hardware platform of choice is an embedded x86 PC, so it's no stranger to small memory spaces and modest processor power. The system officially supports embedded PCs from Soekris Engineering and PC Engines. Nevertheless, m0n0wall can run on a stock x86 PC. Documentation indicates that m0n0wall will live happily on a 486 with only 64MB of RAM.

When m0n0wall boots, the host system's screen displays a rudimentary text-based menu good only for setting fundamental parameters such as network cards' IP addresses, the administration GUI's password, and so on.

m0n0wall assumes two networks, WAN and LAN, each on its own NIC. The WAN is the unprotected, outside world; the LAN is the protected, private network. As with IPCop, interaction with m0n0wall is via the administration Web user interface, webGUI, available at a pre-defined IP address on the LAN side. The webGUI is well arranged in a two-frame format: The left frame holds the navigation pane, while editing takes place in the right frame.

From the webGUI, you have complete control over the system. This includes operations such as creating VPN and PPTP tunnels (m0n0wall comes with a PPTP server); configuring the DHCP server; and defining firewall and traffic shaping rules

The last item is the most interesting. You define firewall rules through a fill-in-the-blanks-style Web page form. Select the action (Pass, Block, Reject), the associated network interface, and the protocol to which the rule applies. You then enter filtering restrictions. For example, you can specify that a particular rule block packets coming from a range of source IP addresses or bound for a range of destination IP addresses.

Tags Linux

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Rick Grehan

InfoWorld

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?