Slashdot Mirror


Captain Crunch's New Boxes, Part II

micsaund writes: "It looks like the infamous Captain Crunch has been toiling away for 3 years on a firewall now known as the Crunchbox. It runs OpenBSD and is administered via a web-based interface. Steve Wozniak is quoted as saying it's 'next to un-crackable.' Check it out at ShopIP. The Register also has an article on it. As an aside, since the Linux Router Project (LRP) appears to have been sold-out and GnatBox is a tad expensive, is anyone aware of some kind of 'packaged' firewall with a slick interface available for free?" We mentioned Draper's venture into firewalls last year, but there's been some progress since then.

5 of 414 comments (clear)

  1. Re:Free Firewall... by GSloop · · Score: 3, Interesting

    Again, be wary of Dick (aka Richard Morrell).

    From what I can gather, his attitude could use some serious positive adjustments.

    He does provide a FREE fw, but it wouldn't excuse his behavior IMHO, should the IRC logs and such posted on the net turn out to be true.

    Cheers!

  2. SINCE WE'RE ON THE SUBJECT... by kir · · Score: 3, Interesting

    Fast, reliable, application level proxies - with the ability to log at different levels (and run on linux).

    Where can these be found?

    Both generic tcp/udp proxies and application aware "smart" proxies (i.e. H.323, NetMeeting, RealAudio, etc.). I know a lot of this funationality exists in the kernel, but I'd love to have proxies for those pesky protocols that decide on random high ports. If it could see and understand the "conversation", it could then, on the fly, proxy the appropriate (randomly selected) ports.

    If I am completely missing something here (i.e. I'm a moron?!), let me know. I can take it. I think??

    --
    3cx.org - A truly bad website.
  3. FWTK: Not a fancy interface... by tkrotchko · · Score: 4, Interesting

    ...but a solid firewall.

    http://www.fwtk.org/main.html

    There's still a lot of support and I believe an active mailing list.

    I put one together 5 years ago, and the company I work for still uses it for their mailing host.

    Interface? There is none. But it works pretty damned good if you're willing to spend 1 day understanding how it works.

    Not a bad deal.

    --
    You were mistaken. Which is odd, since memory shouldn't be a problem for you
  4. Re:Smoothwall Attitude Problems (was: Smoothwall) by dpotter · · Score: 5, Interesting
    Just took a quick look at the Smoothwall FAQ and I have to say that you appear to be correct about Mr. Morrell's attitude:

    The FAQ devotes 32 of 88 pages to how to correctly interact with the community, with such topics as "On Not Reacting Like a Loser" and "RTFM and STFW: How to tell you've seriously screwed up."

    Furthermore, the remaining 56 pages are liberally sprinkled with the same: "Asking this question on the mailing list or IRC will inevitably result in the verbal equivalent of being hit round the head with a baseball bat. The answer is NO."

    While I appreciate the sentiment of these statements, devoting nearly half of the document to this topic might be a little overboard.

  5. Re: Updating Smoothwall yourself? by King_TJ · · Score: 4, Interesting

    It's always interesting to see people so quick to attack an author of security-related software when they ask how to essentially "de-secure" the product!

    I mean, honestly, it's probably a little "over the top" to ban your IP over the question -- but looking at it from the author's side for a minute; You're basically trying to modify the package to suit your specific needs. If you do this, you run a risk of introducing new code that's untested as to the level of security inherent in it. If the author helps you do these modifications, and then your box gets hacked later, how do you think that reflects on his original product?

    Richard Morrell may have his share of attitude problems, but I don't think this is really a fair one to use against him. Firewalls are *not* supposed to run other services. People keep trying to add ftp, printing and Samba file sharing services to Smoothwall, among other things - and it's just a BAD idea.