SourceForge Logo
theWall
a PicoBSD based firewall

Download
PC, DHCP floppy boot
PC, PPPoE floppy boot
Net4501, PXE netboot
Net4501, Compact Flash Statically linked Perl

Documentation
FAQ
Supported NICs
README (pc)
README (net4501 pxe)
README (net4501 cf)

Links
Home
Source Forge Summary
theWall BBS
Browse CVS repository
PicoBSD FAQ
FreeBSD Man pages
PicoBSD Copyright
Comments welcome!

More links...

 

Tools

No firewall is worth much unless it's been tested. I have found the following tools to be exellent.

nmap Nmap is considered by most to the THE definitive port mapper. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers, and both console and graphical versions are available.
Ethereal Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
Nessus Nessus is a free, powerful, up-to-date and easy to use remote security scanner. A security scanner is a software which will audit remotely a given network and determine whether bad guys (aka 'crackers') may break into it, or misuse it in some way.
HTTPi HTTPi is a webserver written in Perl that's barely 10K in length that does not depend on any other Perl modules. HTTPi plus a statically linked version of Perl is all you need to add a web server to a Net4501 CF installation.

Hardware

Compact Flash to
IDE adapter
I've found the floppy drive and diskettes to be the most unreliable devices (next to fans that is) in computers today. No only that but 1.44mb ain't much these days. Compact flash cards are getting cheaper every day and are quiet and reliable. Unfortunately they don't plug into a standard PC. This adapter is the answer, plug the compact flash card into the adapter and then hook it to your 40 pin IDE ribbon cable.
Net4501 Soekris Engineering net4501. This is the card I replaced my old 486 firewall with. It's small and quiet.
NIC cards This is a good discussion of ISA NIC cards for OpenBSD that are still available on the market. If you PC has PCI slots then get a PCI card, otherwise you have no choice. Get them while you can!
FreeBSD and Solid State memory This article covers the use of solid state disk devices in FreeBSD to create embedded systems.

Background reading

Firewall FAQ Internet Firewalls: Frequently Asked Questions. General FAQ, not specific to any OS.
 
rootprompt "Building a FreeBSD firewall using IPFW". A detailed step by step article on setting up a Firewall. rc.conf, natd.conf rc.firewall and kernel configuration are covered.
 
BsdToday "Protecting your private network using FreeBSD". Another article on using FreeBSD firewalls.
 
Firewall Forensics This document explains what you see in firewall logs, especially what port numbers means. You can use this information to help figure out what hackers are up to.
 
Sniffing FAQ This document answers questions about eavesdropping on computer networks (a.k.a. "sniffing").
Cheaper Broadband with FreeBSD on DSL A good step by step walk through on configurating FreeBSD for PPPoE.

FreeBSD Mall  Powered by FreeBSD
BSD Daemon Copyright 1988 by Marshall Kirk McKusick. All Rights Reserved.