From owner-freebsd-security@FreeBSD.ORG Wed Nov 5 10:10:11 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 93FF616A4CE for ; Wed, 5 Nov 2003 10:10:11 -0800 (PST) Received: from amsfep16-int.chello.nl (amsfep16-int.chello.nl [213.46.243.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id E2E1343FBF for ; Wed, 5 Nov 2003 10:10:09 -0800 (PST) (envelope-from dodell@sitetronics.com) Received: from sitetronics.com ([213.46.142.207]) by amsfep16-int.chello.nl ESMTP <20031105180945.VAFA17017.amsfep16-int.chello.nl@sitetronics.com>; Wed, 5 Nov 2003 19:09:45 +0100 Message-ID: <3FA93CD1.1080508@sitetronics.com> Date: Wed, 05 Nov 2003 19:09:21 +0100 From: "Devon H. O'Dell" User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20030820 X-Accept-Language: en-us, en MIME-Version: 1.0 Cc: freebsd-security@freebsd.org References: <20031105180158.48435.qmail@web60408.mail.yahoo.com> In-Reply-To: <20031105180158.48435.qmail@web60408.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: FBSD All-in-one security box? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Nov 2003 18:10:11 -0000 twig les wrote: >Hey *, as I sweat through another day of crap dealing with an >all-in-one box (firewall, IDS, AVS, report generating, soon to >be a VPN server) I'm wondering if someone has started a project >to put some freeware together in some semblance of sanity on a >FBSD box. There's basically nothing that this box does that a >combo of IPFW (or another bsd filter), snort, ntop, and some >other freeware stuff can't do. > >As usual the problems I face stem from feature-overload, since >the vendor has one crappy feature and then adds another crappy >feature instead of fixing the first one so they can market the >box better. I'm thinking that since the tools I mentioned are >already fairly mature and robust, all that's needed is some >sewing and, when core functionality is achieved, a GUI. > >This sounds like a fun project IMO, but I don't want to >re-invent the wheel, especially when I have no spare time. > > Hey Twig, I'm currently working on one of these 'crappy appliances' as you call them (except this one rocks). It'd be helpful for us to know what kinds of problems your appliance has/what beef you have with it so we can make our better. Sorry that this reply is a bit off-topic, since you're looking for a freeware one. Perhaps when we've made our fortune on it we can be arsed to release it BSD-style (no guarantees though, of course :)). Hope to hear from you soon! Kind regards, Devon H. O'Dell