A Simple Linux Router Upgrade
December 24th, 2001 by Phil Hughes in
Linux Routers
Apparently as a Christmas present someone cracked into my old router for my home network. It looks like they couldn't do much because of the sparse configuration on that system but I decided it was time for an upgrade.
I was running a Debian distribution from a couple of years ago that I had configured myself to do IP Masquerading and some port mapping. All this on a 486/33 with a 500MB disk. What you might call a set it and forget it system.
Well, the crack inspired me to go for a change. I knew of a few single-floppy routers but had never configured one. This seemed like the perfect chance to try one out because it meant I didn't have to trash to running but insecure current config making it possible to fetch stuff off the net if my first try didn't work.
I decided to go for a quick search on freshmeat and see what was out there. The listings are alphabetical and the first I came to that sounded like it would work was BBIagent.net. This package offers a Linux 2.4.13 kernel, fits on one floppy and includes a form on the web site that you fill out to get your own custom floppy image. To top it all of it would run in 8MB of RAM--an easy fit for my huge 16MB system.
Once you boot it up you configure it remotely using a Java-enabled web browser on your LAN. Sounded secure enough so I went for it. After all, the price was right and it looked like very little work.
The configuration was almost a snap. That is, it was a snap but the first two disks I wrote weren't happy setting up my two 3C509 Ethernet cards. I had been thorough and gave I/O addresses and IRQs.
I decided being dumb was probably the way to go and told the config program I didn't know this info so it should auto-probe. Another boot and it worked like a charm.
Once you configure it from the browser you can save your configuration options to the boot floppy. That's about it. Now I just need to pop the case on the system and unplug the now unused hard drive.
Phil Hughes
Special Magazine Offer -- Free Gift with Subscription
Receive a free digital copy of Linux Journal's System Administration Special Edition as well as instant online access to current and past issues. CLICK HERE for offer
Linux Journal: delivering readers the advice and inspiration they need to get the most out of their Linux systems since 1994.
Delicious
Digg
StumbleUpon
Reddit
Facebook
Post to TwitterSubscribe now!
The Latest
Newsletter
Tech Tip Videos
Recently Popular
From the Magazine
December 2009, #188
If last month's Infrastrucuture issue was too "big" for you then try on this month's Embedded issue. Find out how to use Player for programming mobile robots, build a humidity controller for your root cellar, find out how to reduce the boot time of your embedded system, and if you're new to embedded systems find out the basics that go into one. You can also read about the Beagle Board, the Mesh Potato and a spate of other interestingly named items. And along with our regular columns don't miss our new monthly column: Economy Size Geek.
Re: A Simple Linux Router Upgrade
On January 9th, 2002 Anonymous says:
Read about some of the upcoming features in IPCop at http://slydder.homelinux.com/stories/op/storiesView/sid/60/
chuck
Re: A Simple Linux Router Upgrade
On January 12th, 2002 Anonymous says:
Thanks! I love it. and no smoothwall team. ;)
Am also awaiting version 0.2 to be released now.
Steve
Re: A Simple Linux Router Upgrade
On January 7th, 2002 Michael (not verified) says:
P.S.
It wouldn't hurt to change the sort order of comments posted so the newest show up on top.
Most users will get bored real quick and not look much further if they see old comments that don't look fresh right under an article.
Michael
Re: A Simple Linux Router Upgrade
On January 7th, 2002 Michael (not verified) says:
How about telling us the 'sploit that got you compromised and how come you missed FreesCo?
Michael Hess
Editor, BBSNews
http://bbsnews.net
Re: A Simple Linux Router Upgrade
On January 2nd, 2002 Anonymous says:
Take a look at this one, a fork of another GPL project.
http://sourceforge.net/projects/ipcop/
IP Cop takes over a pc and provides logging, Snort IDS, VPN, Firewall, Transparent Proxy, DNS cache, and more.
Keep an eye on this one. The first _real_ release should be out by the middle of January. The current release is a shakedown cruise.
Re: A Simple Linux Router Upgrade
On December 31st, 2001 Anonymous says:
I'm very sorry to hear your box was compromised. I would like to know how. I'm glad though that it caused you to check your configuration and to see what would be better of use for your needs.
As an article i find this story lacking. I would have liked to see a comparison between different solutions you (should have) tried. Now it it seems you just picked the first solution at hand and forgot about the rest. This is the kind of story you tell to your friends, or the kind of story i can read at various small linux-enthousiasts sites. This is not qiuet what i would expect from a source like LJ.
Like the new look of the site though...
Re: A Simple Linux Router Upgrade
On December 30th, 2001 Anonymous says:
I think you could have done a better job on this short article--too short.
At least tell the reader in what way your system was compromised so that they can check their own system.
It would be easier to read if you had checked your grammar and english usage before posting this article--not very professional. This is a problem that is rampant in the technical community.
You should have included details related to upgrading the kernel, if necessary, the various routing applications i.e: ipchains, iproute, etcetera, and configuration information.
Try harder next time!
Re: A Simple Linux Router Upgrade
On January 2nd, 2002 Anonymous says:
The old adage of the pot & the kettle comes to mind.
As you seem to have an affinity for grammatical pedanticism, I am sure you will enjoy the errors I found in your own response:
1) The first sentence contains a syntax error. It includes an incomplete phrase;
2) The second sentence employs mixed tenses. The correct portion should read, "It would have been easier to read, had you checked your grammar before posting the article;" and,
3) The third sentence is a complete disaster due to a number of serious mistakes in syntax, punctuation and basic grammar. It needs to be completely rewritten.
You knew someone was going to do this, didn't you?
--
burns
Re: A Simple Linux Router Upgrade
On December 27th, 2001 Anonymous says:
Could you give us some information as to in what way your original box was compromised?
Re: A Simple Linux Router Upgrade
On December 28th, 2001 fyl (not verified) says:
Sure. A directory of break-in software appeared in /etc.
I don't know how it managed to get put there but I am guessing a bug in ftp. It appears that nothing was done with it (hard to be sure). The one thing that I noticed was that it needed Perl to run and the system does not have Perl on it. Also, the system only has 8MB of RAM which should slow down some approaches.
I have the files saved and, when I get a chance, will see what other interesting things they hold.
Re: A Simple Linux Router Upgrade
On January 13th, 2002 Anonymous says:
I'm wondering how you have a working Debian box without Perl?
Upgrades (dpkg/apt) would almost surely be broken.
And why would one run an ftp daemon on a firewall anyway?
Re: A Simple Linux Router Upgrade
On January 5th, 2002 Anonymous says:
You orginally stated that your box has sixteen megs of ram.
Re: A Simple Linux Router Upgrade
On December 27th, 2001 Anonymous says:
one wonders how one could miss the linux router project. and, btw, ever thought of copy-protecting the whole shootin' match (the floppy, dude...)???
Re: A Simple Linux Router Upgrade
On December 28th, 2001 fyl (not verified) says:
I didn't miss the LInux router project. I am well aware of it and expect most readers are as well. Had I not tripped on this different approach I would have loaded LRP. But, it's my nature to try alternatives--probably why I don't own any software from that big software marketing company in Redmond.
Re: A Simple Linux Router Upgrade
On December 26th, 2001 Anonymous says:
What about logging?
Re: A Simple Linux Router Upgrade
On December 26th, 2001 fyl (not verified) says:
If you are looking for a "who did what" log, this is the wrong answer. On the other hand, it goes way beyond what you get with an inexpensive box such as the Linksys. Of particular interest to me is the ability to redirect port numbers. Thus, you could have multiple web servers behind the router all serving port 80 but, from the outside you could select a destination by the port number.
Clearly, a Linux box can do a lot more than this guy but this guy does what I needed to do with virtually no setup work.
Re: A Simple Linux Router Upgrade
On July 4th, 2003 Anonymous says:
Where I can find a free router soft how BBiagent or Microtic ?
Re: A Simple Linux Router Upgrade
On December 26th, 2001 Anonymous says:
Depends what you mean by logging. It has built in logging which records how much data passed through the router, when the connection was made, and the total amount of time on line. If you have an unlimited internet access line, this probably don't mean much. But for those who have limited access, i.e. broadband access with limited free access per month, this is a useful feature.
Also, the latest version 1.4.1 has settings for priority routing i.e. TOS
Post new comment