Sentry Firewall CD -- Firewall/IDS Node on a CD-ROM

- Home -

- News -

- Overview -

- Documentation -

- FAQ -

- HOWTO -

- Download -

- Mailing Lists -

- Contact -

Sentry Firewall CD TM [ www.SentryFirewall.com | Sentry.SourceForge.net ]
CDROM-Based Firewall/Server/IDS(Intrusion Detection System)

Overview:

Sentry Firewall CD-ROM is a Linux-based bootable CDROM suitable for use as an inexpensive and easy to maintain firewall, server, or IDS(Intrusion Detection System) Node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk, a local hard drive, and/or a network via HTTP(S), FTP, SFTP, or SCP.

The Sentry Firewall CD is a complete Linux system that runs off of an initial ramdisk, much like a floppy-based system, and a CD. The default kernel is a current 2.4.x series kernel with various Netfilter patches applied. An OpenWall-patched current 2.2.x kernel is also available on the CD.

Booting from the CDROM is a fairly familiar process. The BIOS execs the bootloader(Syslinux) - which then displays a bootprompt and loads the kernel and ramdisk into memory. Once the kernel is running, the ramdisk is then mounted as root(/). At this point our configuration scripts are run(written in perl) that configure the rest of the system. It is the job of these configure scripts to put the various startup and system files into the proper location using either what is declared in the configuration file(sentry.conf) or the system defaults located in the /etc/default directory.

Most of the critical files used at boot time can be replaced with your own copy when declared in the configuration file. This is essentially how we allow the user to configure the system using his/her own configuration and init files.

All of the binaries, files, scripts, etc, used to create the CD-ROM are also available on the CD-ROM. So, with a little practice, you can easily build and customize your own bootable Sentry Firewall CD. Please see the HOWTO for more details.

Here is a short list of some of the packages contained on the CD-ROM -
NOTE: Version numbers reflect most recent release(stable or devel).

Current Linux Kernel: 2.4.28-ow1

OpenWall security patch(-ow1).
StrongSwan.
Ebtables bridge+netfilter patch.
Linux-WLAN modules.
MPPE patch.
Modules-off patch [ More Info | Patch ]

iptables v1.2.11.
ebtables v2.0.6.
OpenVPN.
IProute2 utilities.
Vconfig.
PPTP Client/Server.
Zebra
Snort IDS v2.2.0
Scanlogd
OpenSSH and OpenSSL
net-snmp
Webmin
NMap
Many other daemons and binaries you may need -- Apache, Sendmail, Squid, Perl, BIND (static/chroot), and more.

Documentation (All Branches) [Updated 01.16.05]

HOWTO(v1.4.0) - [ HTML | Printable HTML | PDF | Linuxdoc ]

Technical Documentation and Reference Guide (v0.7.0) - [ HTML | Printable HTML | PDF | Linuxdoc ]

FAQ

Readme

License/Copyright/Disclaimer

More Documentation and Utilities

Slackware Branch:

SENTRYCD(Main) SENTRYCD-DEVEL(Development)

Changelog Changelog

Sentry Configuration Scripts Sentry Configuration Scripts

Sample sentry.conf Sample sentry.conf

Floppy Disk Images Floppy Disk Images

CD Creation Scripts CD Creation Scripts

N/A Mkconfig Tool (HOWTO)

Bugs Bugs

Todo Todo

Depricated Branches:

SENTRYCD-RH(Main) SENTRYCD-RH-DEVEL(Development)

N/A Changelog

N/A Sentry Configuration Scripts

N/A Sample sentry.conf

N/A Floppy Disk Images

N/A CD Creation Scripts

N/A Bugs

N/A Todo