[CentOS] Re: Firewall frustration

Tue Jan 1 17:02:26 UTC 2008
Robert Moskowitz <rgm at htt-consult.com>

Chris Mauritz wrote:
> Ugo Bellavance wrote:
>> Mark Weaver wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> On Tue, 1 Jan 2008 08:57:22 -0500
>>> Robert Moskowitz <rgm at htt-consult.com> wrote:
>>>> Have you ever thought about how rare floppy drives are now? At best
>>>> you go with a bootable usb, if your notebook supports bootable USB.
>>>> My Libretto does have a bootable floppy, but that is something extra
>>>> to carry. It will not boot from anything else (besides its HD). My
>>>> nc4010 (this notebook) will boot from usb. My corp notebook (nc2400)
>>>> is locked down; and I don't see any value at getting corp IT bent out
>>>> of shape.
>>>
>>> why would you even think about using a Notebook computer as a firewall?
>>> I was assuming you were going to delegate this task to an older machine
>>> with sufficient resources to handle the task and not give the task to a
>>> notebook computer.
>>
>> I guess he wants it to be portable.
>>
>> He seems to be knowing his requirements a lot better than we do. It 
>> looks like he wants an easy firewall that would boot for HD only, 
>> cost nothing, and runs with usb ethernet devices.
>>
>> I really think he should carry an embedded firewall (like a soekris 
>> or a wrap) with pfsense on it.
>
> Old laptops make pretty good firewalls, I think. They take little 
> space, have a built-in battery backup and built-in keyboard/monitor to 
> use when you are visiting the datacenter. I have repurposed a couple 
> of older laptops for these reasons since the machine doesn't need to 
> be very fast to accomplish the mission. A lot of 3-4 year old laptops 
> cave in under the weight of Windows, but are really overkill for a 
> simple unix firewall. Better than sending them to the dustbin. 
I have a Dell notebook that functions as my backup Win2000 family 
finance system.

Next project is to see if I can reuse that old Toshiba 4000cdt box ;)