PacketProtector Light 1.0!!!

ciscostu · 2008-03-02 07:06:08

ciscostu
Administrator
Offline

From: Gaithersburg, MD
Registered: 2006-04-22
Posts: 2,188

Topic: PacketProtector Light 1.0!!!

PacketProtector Light 1.0 is available here-

http://packetprotector.org/download/light/1.0/

This firmware is optimized for routers with 4MB of flash and 16MB of RAM (e.g. the Linksys WRT54GL). Here's what you get-

* a stateful firewall (iptables)
* intrusion prevention (Snort-inline)
* remote access VPN (OpenVPN)
* anti-phishing (OpenDNS)
* automatic updates (for Snort)
* a local certificate authority (OpenSSL)
* secure management interfaces (SSH and HTTPS)
* advanced firewall scripts for blocking IM and P2P apps
* IP spoofing prevention (Linux rp_filter)
* basic protocol anomaly detection (ipt_unclean)

The Snort-inline startup is still a bit of a kludge, but it works well. There isn't much room left on a 4MB flash so the Snort rules are stored in /tmp, and fetched from snort.org on each reboot (when auto-updates are enabled).

Cheers
Charlie

ciscostu · 2008-03-02 19:36:05

ciscostu
Administrator
Offline

From: Gaithersburg, MD
Registered: 2006-04-22
Posts: 2,188

Re: PacketProtector Light 1.0!!!

More examples of supported hardware-

Buffalo WBR2-G54
Buffalo WBR2-G54S
Buffalo WLA-G54
Linksys WRT54G (versions 1-4)
Linksys WRT54GS (versions 1-4)

See the OpenWrt TableOfHardware for more possibilities (requirements- 4MB flash, 16MB RAM, Broadcom wireless).

Charlie

lvedaa · 2008-03-05 23:39:34

lvedaa
Moderator
Offline

Registered: 2007-08-28
Posts: 11

Re: PacketProtector Light 1.0!!!

congratulations!!

ciscostu · 2008-03-06 03:34:43

ciscostu
Administrator
Offline

From: Gaithersburg, MD
Registered: 2006-04-22
Posts: 2,188

Re: PacketProtector Light 1.0!!!

Now in Subversion-

/trac/browser/buildroot_light/trunk

Fuzzy · 2008-03-10 18:24:01

Fuzzy
New member
Offline

Registered: 2008-03-10
Posts: 1

Re: PacketProtector Light 1.0!!!

Great work!!

A suggestion: I tried to install the packages for dyndns, but without success; there was a message that there was not enough space on the device. Is there any way to free some space for dyndns, i. e. to remove other modules?

ciscostu · 2008-03-11 00:12:29

ciscostu
Administrator
Offline

From: Gaithersburg, MD
Registered: 2006-04-22
Posts: 2,188

Re: PacketProtector Light 1.0!!!

I tried to install the packages for dyndns, but without success; there was a message that there was not enough space on the device. Is there any way to free some space for dyndns, i. e. to remove other modules?

D'oh! I'll roll updatedd into the next release (later this week). It shouldn't take up much room on the compressed (squashfs) partition.

If you have any suggestions for extraneous stuff that can be removed, please let me know.

I may try to pull some stuff from the firmware (e.g. tcpdump), and instead use a startup script to install the packages to /tmp (ramdisk) at boot.

Thanks!
Charlie

jimmyridge · 2008-04-11 08:20:27

jimmyridge
New member
Offline

Registered: 2008-04-11
Posts: 1

Re: PacketProtector Light 1.0!!!

space isnt always a problem use NFS CIFS sshfs etc or hardware SD MMC mod (Wrt54G series) i hate my GL for its small storage space i'll prolly move the snort rules off to a remote mountpoint

ps thanx for releasing "light versions" the openwrt snort isnt compiled with inline support and i ugh am too lazy to compile everything myself this is sooo great

ecer since i started messing with snort i noticed alot of people tryin buffer exploits/shell code on my hosts

Last edited by jimmyridge (2008-04-11 08:27:13)

besonen · 2008-08-02 05:09:34

besonen
Member
Offline

Registered: 2008-03-12
Posts: 19

Re: PacketProtector Light 1.0!!!

ciscostu wrote:

PacketProtector Light 1.0 is available here-
http://packetprotector.org/download/light/1.0/

is the openwrt-wrtsl54gs-2.4-squashfs.bin file the wrt54gl image?

ciscostu · 2008-08-02 20:27:00

ciscostu
Administrator
Offline

From: Gaithersburg, MD
Registered: 2006-04-22
Posts: 2,188

Re: PacketProtector Light 1.0!!!

is the openwrt-wrtsl54gs-2.4-squashfs.bin file the wrt54gl image?

No, it's this one-

openwrt-wrt54g-2.4-squashfs.bin

Hope this helps,
Charlie

besonen · 2008-08-03 00:45:15

besonen
Member
Offline

Registered: 2008-03-12
Posts: 19

Re: PacketProtector Light 1.0!!!

ciscostu wrote:

is the openwrt-wrtsl54gs-2.4-squashfs.bin file the wrt54gl image?
No, it's this one-
openwrt-wrt54g-2.4-squashfs.bin
Hope this helps,
Charlie

thanks for replying.

after hunting around on the website i finally figured out which firmware was for the wrt54gl.

a text file (eg. index.txt) in the download directory would have saved me some hunting.

-- david

Ketty · 2008-10-27 11:39:50

Ketty
New member
Offline

Registered: 2008-10-27
Posts: 1

Re: PacketProtector Light 1.0!!!

nice work

PacketProtector Light 1.0!!!

Posts [ 11 ]

1 Topic by ciscostu 2008-03-02 07:06:08

Topic: PacketProtector Light 1.0!!!

2 Reply by ciscostu 2008-03-02 19:36:05

Re: PacketProtector Light 1.0!!!

3 Reply by lvedaa 2008-03-05 23:39:34

Re: PacketProtector Light 1.0!!!

4 Reply by ciscostu 2008-03-06 03:34:43

Re: PacketProtector Light 1.0!!!

5 Reply by Fuzzy 2008-03-10 18:24:01

Re: PacketProtector Light 1.0!!!

6 Reply by ciscostu 2008-03-11 00:12:29

Re: PacketProtector Light 1.0!!!

7 Reply by jimmyridge 2008-04-11 08:20:27

Re: PacketProtector Light 1.0!!!

8 Reply by besonen 2008-08-02 05:09:34

Re: PacketProtector Light 1.0!!!

9 Reply by ciscostu 2008-08-02 20:27:00

Re: PacketProtector Light 1.0!!!

10 Reply by besonen 2008-08-03 00:45:15

Re: PacketProtector Light 1.0!!!

11 Reply by Ketty 2008-10-27 11:39:50

Re: PacketProtector Light 1.0!!!

Posts [ 11 ]