This is the long-overdue Sentry Firewall CDROM howto. I hope this document helps get you started using the Sentry Firewall CD and answers any questions you might have regarding how the system works. The most current version of this howto can be obtained at the following URL: http://www.SentryFirewall.com/files/howto/.
If you would like to add anything to this document, or if you have any questions or comments, please feel free to email me, Obsid@Sentry.net.
The Sentry Firewall CD is a Linux-based bootable CDROM suitable for use in a variety of different operating environments. The system is designed to be configured dynamically from a floppy disk or over a network, so the running system can be reconfigured even though much of the actual system is on read-only (CDROM) media.
There are several advantages to using a CDROM-based system in various security-related environments. The main system is centered around the ramdisk: a compressed file system image which is loaded into RAM at boot time. Any changes to the ramdisk image are temporary, and will be undone upon the next reboot. Furthermore, the ramdisk, kernel, binaries, etc. related to the operating system are kept on read-only media (CDROM). This means that if the security of a box running a CDROM-based system is ever compromised, the attacker can at best own the box until the next reboot. So there is no real threat of having to go through the tedious task of rebuilding and hardening the system after a successful attack is discovered.
At the moment, there are at least a couple of variations of the Sentry Firewall CD that are based on various Linux distributions. You should first choose the Linux distribution you are most familiar with. More information on the different types can be found on the web site: http://www.SentryFirewall.com/.
Basically, the Sentry Firewall CD is meant to be configured just like a normal Slackware, Red Hat, or other Linux system. There are no GUIs and no scripts to do it for you. The idea behind the configuration of the CD is that you are able to reconfigure the system by replacing the startup scripts and the various configuration files normally present on the system at boot time. Most of these are simply text files and shell scripts that you need to edit by hand in order to configure them properly. There are, however, usually plenty of resources available to assist you in configuring a specific service or daemon (HOWTOs on linux.org, for example).
First, let me explain briefly how the Sentry Firewall CD works. Basically, there is the "host" system, a Linux system that is based on one of several Linux distributions. Then there are the configuration scripts, written in Perl, that run after the kernel boots and configure the system on the fly. In general, it is possible to create a Sentry Firewall CD system based on nearly any Linux distribution while only modifying one of the five Perl scripts.
So, to answer your question, each Sentry Firewall CD branch utilizes similar configuration methods but is simply based on a different Linux distribution. Since I'm a Slackware fan, I used that distribution as the foundation for the original Sentry Firewall CD (the "SENTRYCD" branch). It has always been my desire to utilize other Linux distributions for this project, which is why I created the "SENTRYCD-RH" branch. There will no doubt eventually be other branches and variations.
Sentry Firewall CD Development Branches:
In any case, all the basic functionality is present in each branch. But since different Linux distributions are configured differently, using different rc files or files in /etc/sysconfig, for example, some of the configuration directives (explained below) will vary between the two branches.
The current copyright and disclaimer can be found on the website: http://www.SentryFirewall.com/files/COPYRIGHT. It applies to the Sentry Firewall CD, and to all the scripts and documentation associated with it.