Notebook as a router/firewall - SUCCESS

[Bob George]

"Jason" <jkenner@mindspring.com> wrote:

> Bob George wrote:
> > [...]
> > I've considered doing a laptop/notebook firewall/gateway using a
> > floppy-based or CD-ROM based distribution. The form-factor is perfect,
and
> > not having a hard drive should really keep it cool. That's a
consideration,
> > especially during the hot months. I don't mind burning out a drive, but
> > having my office run 10 degrees warmer than the rest of the house is a
bit
> > of a drag.
>
> If its simply a need to use a router, why not create a system with a
> large amount of ram, and miminal software (i.e. full router suite
> only). Then keep everything in RAMdisk.

That's exactly what the floppy- and cd-rom based solutions do. In fact, the
amount of RAM needn't even be all that large, although more is always a good
thing.

The appeal was putting it into a notebook with no hard drive to reduce power
consumption, noise and heat in a small form factor, while providing a nice
built-in UPS. I simply don't want any more tower cases.

> The paranoid will point out the need for firewall logs on HD, but,
> really: if an attacker can erase the RAMdisk, the attacker can also
> erase the HD.

As Craig pointed out, the truly paranoid are already sending all logs to a
centralized location anyhow, so that's not a problem. Having syslog do both
local and remote logging is straightforward.

> [...]
> Or do it "right" and log to one of those cartridges that plugs into
> the IDE "slot" (formerly cable connector) on most motherboards...

Well that's another idea I've toyed with: One of those $40
boot-from-compact-flash adapters that emulate an IDE drive. Note sure about
stuffing one into a notebook case though.

- Bob