From: "G. Panula"
Date: Thu, 06 Nov 2003 05:44:57 -0600
To: freebsd-security@freebsd.org
Subject: Re: FBSD All-in-one security box?

twig les wrote:
> Hey *, as I sweat through another day of crap dealing with an
> all-in-one box (firewall, IDS, AVS, report generating, soon to
> be a VPN server) I'm wondering if someone has started a project
> to put some freeware together in some semblance of sanity on a
> FBSD box. There's basically nothing that this box does that a
> combo of IPFW (or another bsd filter), snort, ntop, and some
> other freeware stuff can't do.
>
> As usual the problems I face stem from feature-overload, since
> the vendor has one crappy feature and then adds another crappy
> feature instead of fixing the first one so they can market the
> box better. I'm thinking that since the tools I mentioned are
> already fairly mature and robust, all that's needed is some
> sewing and, when core functionality is achieved, a GUI.
>
> This sounds like a fun project IMO, but I don't want to
> re-invent the wheel, especially when I have no spare time.
>

http://www.netboz.net/ is a self-contained bootable cd that provides
firewall, nat, dns, dhcp and vpn (in beta currently). Just need a floppy
to write configs to and you're off & running.

Yup, it's fbsd based. I've only played with it a little, but it was solid
enough. I think it is just missing IDS & AVS from your wishlist above.

Online demo available at: https://demo.netboz.net/

greg