[CentOS] Re: Firewall frustration

Tue Jan 1 15:59:17 UTC 2008
Chris Mauritz <chrism at imntv.com>

Ugo Bellavance wrote:
> Mark Weaver wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Tue, 1 Jan 2008 08:57:22 -0500
>> Robert Moskowitz <rgm at htt-consult.com> wrote:
>>> Have you ever thought about how rare floppy drives are now?  At best
>>> you go with a bootable usb, if your notebook supports bootable USB.
>>> My Libretto does have a bootable floppy, but that is something extra
>>> to carry.  It will not boot from anything else (besides its HD).  My
>>> nc4010 (this notebook) will boot from usb.  My corp notebook (nc2400)
>>> is locked down; and I don't see any value at getting corp IT bent out
>>> of shape.
>>
>> why would you even think about using a Notebook computer as a firewall?
>> I was assuming you were going to delegate this task to an older machine
>> with sufficient resources to handle the task and not give the task to a
>> notebook computer.
>
> I guess he wants it to be portable.
>
> He seems to be knowing his requirements a lot better than we do.  It 
> looks like he wants an easy firewall that would boot for HD only, cost 
> nothing, and runs with usb ethernet devices.
>
> I really think he should carry an embedded firewall (like a soekris or 
> a wrap) with pfsense on it.

Old laptops make pretty good firewalls, I think.  They take little 
space, have a built-in battery backup and built-in keyboard/monitor to 
use when you are visiting the datacenter.   I have repurposed a couple 
of older laptops for these reasons since the machine doesn't need to be 
very fast to accomplish the mission.  A lot of 3-4 year old laptops cave 
in under the weight of Windows, but are really overkill for a simple 
unix firewall.  Better than sending them to the dustbin.

Best,