Search Web Pages


With the appearance of kernel 2,4, Linux is able to give the same functionality that fire-resistant the commercial ones more advanced. Logically, different projects within the community Open Source arise to take advantage of these possibilities, but in general they are oriented to facilitate the configuration of the main tool, IPTABLES, of a simple form.

Our intention is to go a little further on and to develop or to integrate a complete solution to be able to give to the services of a professional equipment Cisco type. Although he is feasible to integrate some of the functionalities commented here in a conventional equipment (way servant bastion), we think that the computer science security requires of specific equipment destined to assure it. Therefore, the first premise is the one to develop a distribution that only makes the fire-resistant workings of and some associates to this function, but that does not integrate services like the Web server or of mail that only does that to increase the vulnerability of the system.

Also some solutions disk based of 3 1/2", the most famous of them Linux Router Project exist. These solutions are very well if it is desired to reuse of simple form an out of phase hardware, but in general they are not valid for modern solutions of hardware, that very possibly do not integrate a disquetera. Another possibility would be the one to use a hard disk for the fire-resistant ones. In general this is a solution simple to implement but if firewall well is designed it wastes the great majority of his capacity of storage. In addition, its use adds a mechanical element more to the system, which results in a certain loss of reliability. The options that we have left are two: the Compact Flash and a Disk On Module (SUNDAY). First they are now very economic due to the proliferation of digital cameras that use them and will be the option preferred for this project. SUNDAY they are expensive but very trustworthy, and tell on the advantage that to all the effects they behave as a hard disk. That we base our efforts on the Compact Flash does not mean that it is not possible to install this solution in a hard disk or a SUNDAY, depending on the spending power and the circumstances of each user. Unfortunately, the disc use of 3 1/2"is discarded by the minimum size that it will have the distribution.

A project similar, based on linux with kernel 2,4 and oriented to the Compact Flash, Wolverine call exists already (old Embedded Coyote Linux). The problem is that it is not easy to accede to her and too much uses some distinguished developments. In fact, ENEO Technology was considering their use for a very recent project, when his author decided to eliminate the unloading possibility, forcing to the purchase of a CD Aside from the difficulties that implies this decision, already rained on dunked by that it took in the past and it was decided that this project did not follow the essence of a Free development.

The other project which we considered more proximo to LINCE is Bering, a LEAF branch (Linux Embedded Appliance Firewall). Also it is based on Linux with kernel 2,4 but too much it is oriented to the disc of 3 1/2"and that limits some decisions of design excessively. Since it is a very alive project, with a spirit very opened and of a proven quality, we think that the best option is to maintain to us as far as possible nearest that project that is viable. In my opinion, the best thing would be to make a evolution of Bering to the Compact Flash, but maintaining most possible one of code in common. This would enormously facilitate the updates to us of the system and it would give access us to all his base of betatesters. In fact, we are going to propose Jacques Nile, its main impeller the integration of LINCE within LEAF.

  • Created on 2004-03-15 22:54:43 by mhnoyes
  • Updated on 2004-03-27 09:16:40 by mhnoyes

 Printable Version

Hosted on Get LEAF Linux Embedded Appliance Framework at Fast, secure and Free Open Source software downloads, and powered by phpWebSite.