Sentry Firewall
Sentry Firewall is a free open-source network firewall Linux distribution that was first published in 2001 and has been the subject of multiple magazine reviews. The distribution is particularly notable because it consists solely of a bootable CD-ROM that is designed to be used in a computer with no hard disk. Configuration information is retrieved at boot time by automatically searching on an attached floppy disk drive, USB flash memory drive, or another server on the local network willing to provide the configuration.
Overview
Sentry Firewall starts from CD-ROM and immediately constructs a RAM disk in the computer's memory. Before the system fully boots, a script searches for removable media containing a file called "sentry.conf". If that file is found, it may contain detailed instructions and a list of files to be copied from the removable media to the RAM disk before the system is finally allowed to boot.
The CD-ROM is pre-loaded with a variety of configurable network tools, including iptables.
Because the RAM disk is created each time the machine boots, it is possible to recover from any sort of problem simply by rebooting the machine. From a security perspective, this is compelling because the machine essentially becomes immune to viruses or file corruption - or at least the effects of either problem can't survive a reboot.