Prev: Flashing a WRT54G router (with v7.00.1 firmware) with a linux firmware?
Next: Cannot delete gre tunnel
From: § on 25 Sep 2007 12:29
Ignoramus30458 wrote:
> On Tue, 25 Sep 2007 11:06:38 -0500, � <tdstr(a)foadspammer.com> wrote:
>> Ignoramus30458 wrote:
>>> On Tue, 25 Sep 2007 08:43:11 -0700, CptDondo <yan(a)NsOeSiPnAeMr.com> wrote:
>>>> act as a GPS server for my handheld
>>> How does it act as a GPS server? Does it have a built in GPS receiver?
>>>
>> I'm interested in the function as well.
>>
>>> My own feeling about all this is that a regular Linux box can do those
>>> routing things with more convenience.
>> The convenience factor for me was *not* tying up another pc and spending
>> the time for a linux install/config.
>
>> The DD-WRT flash and config took all of about 15 minutes total.
>>
>
> Just 15 minutes? That's great. I am very impressed. I am not trying to
> demean what you do, at all, I think that it is great.
>
> As for tying another PC, a Linux box can do all kinds of things
> besides being a firewall. I do not have a "dedicated firewall linux
> box" myself.
>
> My approach is, obviously, much more applicable to a wired situation
> than to a wifi situation, where your solution excels.
>
> (I have a wifi subnet at home, and use ssh port redirection to
> accomplish some of the things that you are doing)

That's a busy box!

>
>>> I have a network at home with NATs, private subnets, etc, all
>>> controlled by a regular Linux computer acting as a firewall.
>>>
>> Still a very good way of doing it.
>
> Yes. I absolutely love linux in that it gives me the full power to do
> whatever I want, without me being restricted to "no more than 64
> sockets without a Professional license", etc.
>

I hear yah on that one. I'm real curious on how CptDondo did his usb
gps thing on his wrt54. Google searching as I type....
From: CptDondo on 25 Sep 2007 14:43
� wrote:

> I hear yah on that one. I'm real curious on how CptDondo did his usb
> gps thing on his wrt54. Google searching as I type....

Look around on the OpenWrt site. The Broadcom BCM47xx SOC has USB so
you can hardware hack a linksys for USB. Me, I took the easy way; I
bought a Linksys WRTSL54GS, which comes with a USB port. The other two
routers I have are Viewsonic WR100; see my writeup on the openwrt page:

<http://wiki.openwrt.org/OpenWrtDocs/Hardware/Viewsonic/WR100>

--Yan
From: CptDondo on 25 Sep 2007 14:47
Mark T.B. Carroll wrote:
> Ignoramus30458 <ignoramus30458(a)NOSPAM.30458.invalid> writes:
>
>> On Tue, 25 Sep 2007 09:10:18 -0700, CptDondo <yan(a)NsOeSiPnAeMr.com> wrote:
>>> Ignoramus30458 wrote:
> (snip)
>>> It's got a $30 USB GPS puck.
>> I am very interested in buying one for my laptop. Would you recommend
>> a particular one that works with Linux?
> (snip)
>
> Holux do a SiRF III one IIRC. I think I needed the PL2303 driver for
> that, and for another one I bought. So long as it talks NMEA 0183 you're
> probably fine - gpsd and other applications tend to understand that.

I think that's what I have. Definitely any of the Sirf III chipset
pucks is the way to go. PL2303 sounds familiar too; I seem to recall
that I needed that module as well...

You can buy them on E-Bay for $30 or so, and that chipset is truly amazing.

--Yan
From: David Brown on 26 Sep 2007 03:12
Grant Edwards wrote:
> On 2007-09-26, Ignoramus30458 <ignoramus30458(a)NOSPAM.30458.invalid> wrote:
>
>>> You can get a brand new WRTG54 (or some other equivalent) for
>>> $40 (used ones you can get for $0-$20), it's the size of a
>>> paperback book, it's completely silent, it only burns about 5
>>> Watts.
>> That is indeed great.
>>
>>>> I have a network at home with NATs, private subnets, etc, all
>>>> controlled by a regular Linux computer acting as a firewall.
>>> Which cost somewhere between $300-$1000, is a _lot_ larger,
>>> has annoying fans, and burns about 20X the power.
>> except the linux firewall box can do all sorts of other
>> things, it does not have to be dedicated.
>
> It does have to be on all the time, which can be annoying when
> you need to rebuild/upgrade that machine and the others can't
> get to the 'net until that job is done.
>
> There are also people who are too paranoid to have a "general
> purpose" Lintel box connected to the internet. The thought
> being that a dedicated, single-purpose box (running a non-IA32
> architecture) will be much harder to exploit than an IA32 box
> with a lot of huge, complex applications and services running
> on it. I'm not sure there's a lot to that argument.
>

There is plenty of truth to that argument - there is little doubt that
an x86 machine has more attack vectors than a MIPS machine running
exactly the same software, since the former is subject to buffer
overflow and code injection attacks that the later is not (that's not to
say you couldn't make such attacks on MIPS, merely that available
toolkits and software all aim at attacking x86 machines due to their
popularity).

Of course, a well-configured x86 box will be a perfectly reliable
firewall for all practical purposes. And being familiar with the system
you are working on (for a complex system, anyway) is as important as any
inherent security benefits.

But what *does* make a big difference is keeping your firewall box
simple in regard to software - you don't run unnecessary services, and
you use the simplest possible alternatives for the services you need
(assuming they are good enough, of course). Thus you don't run apache
on your firewall - making you therefore immune to any security flaws in
apache, and you don't want to use X for configuring your firewall. You
don't even want that sort of thing installed in the first place.

If you want to make a single consolidated server and firewall server,
the best way is to have the server stuff running as virtual machines so
that you have *almost* as good security as if they were physically
separated.
From: Larry Finger on 26 Sep 2007 18:33
Ignoramus30458 wrote:
> On Wed, 26 Sep 2007 02:32:34 -0000, Richard Steiner <rsteiner(a)visi.com> wrote:
>> On Tue, 25 Sep 2007 19:46:53 -0500 in comp.os.linux.networking,
>> Ignoramus30458 <ignoramus30458(a)NOSPAM.30458.invalid> spake unto us, saying:
>>
>>> On Wed, 26 Sep 2007 00:31:57 -0000, Grant Edwards <grante(a)visi.com> wrote:
>>>
>>>>> I have a network at home with NATs, private subnets, etc, all
>>>>> controlled by a regular Linux computer acting as a firewall.
>>>> Which cost somewhere between $300-$1000, is a _lot_ larger, has
>>>> annoying fans, and burns about 20X the power.
>>> except the linux firewall box can do all sorts of other things, it
>>> does not have to be dedicated.
>> But it does have to be ON. :-)
>
> I do not have a habit of turning computers off (except for my linux
> laptop).
>
>> I just picked up a Linusys WRT54G v8.0 (yeah, I know I should've gotten
>> the GL instead) WAP/router/firewall mainly to free up my old Linux f/w
>> box, and I think it's nice to be able to multiboot again w/o canning my
>> internet connection...
>>
>
> Without a doubt.
>
> How can I tell if my WRT54G supports embedded Linux? Maybe I should
> take it off eBay.

To some extent, they all do, but the V5 and later models have half the RAM and half the flash memory
of earlier models. The V5 thru V8 models come from the factory running VxWorks. The others already
run Linux, which is how the alternate firmware sources got started. Due the GPL, Linksys had to make
their kernel sources available. Only the driver for the Broadcom wireless chip could be distributed
in binary-only form. That driver file has been an important resource in the reverse engineering of
the BCM43xx chips, which has led to the bcm43xx opn-source driver for Linux.

If your WRT54G doesn't have a version listed on the name plate, then it is likely a V1, which will
run 3rd party Linux firmware.

Larry
First  |  Prev  | 
Pages: 1 2
Prev: Flashing a WRT54G router (with v7.00.1 firmware) with a linux firmware?
Next: Cannot delete gre tunnel