Proxy server

[Ted Juszczak <tedj@xxxxxxxxx>]

> So, what I was wondering is, how feasible would it be to build another
> computer (at as low cost as possible), and then somehow network the two
> and use my main machine (which is a dual Win95 and RedHat) for a proxy
> server?
> 
> Or would it be better to just use the slower, cheaper one with a
> strictly Linux OS as a proxy or something, connect that one to the ISDN
> line, and have dial-on-demand from the bigger, dual boot box?

Take a look at a free linux distro called Trinux that fits on a floppy. Here's the pitch from the site: ( trinux.org )

"Trinux is a portable Linux distribution that boots from a single floppy disk, loads it packages from a FAT/Ext2 partition, floppy disks, or HTTP/FTP servers, and runs entirely in RAM. Trinux contains precompiled versions versions of popular Open Source network security/monitoring tools such as nmap, tcpdump, iptraf, and ntop. Trinux default configuration provides DHCP for easy network configuration. 

Trinux transparently converts ordinary x86 PCs into a powerful network security workstations without affecting the underlying operating sytem(s). Trinux is based on a strippred-down version of Linux that should boot on any 386 or better with at least 12-16 megabytes of RAM. Hardware support for many common Ethernet cards is provided in the default kernel. Additional hardware support is possible through kernel modules. Trinux 0.6x supports 2.2.x kernels and is binary-compatible with RedHat 5.2."

There's also a  version called Matterhorn also that uses the 2.2.2 kernel and ipchains. 

Alternatively look at the Linux Router Project ( http://www.linuxrouter.org/ )

LRP can do some pretty heavy networking on a couple of floppys and a junk (386/486) machine, including (but not limited to): 

"Policy firewall, IP Masquerade (NAT), port redirection, port translation, port load balancing, transparent proxy, numberless interface spanning, interface load balancing, interface aliasing, sniffing etc." 

There are numerous other "linux on a floppy" distro's out there. If you want to install one using pretty graphics, there's ShareTheNet at www.sharethenet.com This guy wrote a visual basic program that writes a configured linux to a floppy for you from Win95. He charges $70 for the VB version. This is not an endorsement - VB must be expensive wherever you go. He gives the linux version away though. Most of the "loaf" distro's just use rawrite.exe from dos to make the linux floppy - look for files with "idiot" and "img" in their file names. 

"LOAF" distro's eliminate the wear and tear(or need)of a harddrive. The HD is usually the first thing to go on an old machine anyway. Monitors and keyboards can be superfluous too.  Just telnet into the box with your regular (linux or win) machine to administer it(varies by distro). Go to www.qpc.com for a heavy duty, but free, Win32 version of telnet/ftp called QVT/Term. M$'s is a toy by comparison. You'll need a (non-win) modem and a cheap($5)10Mb NIC or two NIC's if you're using a cable modem or DSL. Use a "crossover" RJ-45 cable($4-$6 new) between just 2 machines and you won't need a hub or use thin-coax with BNC connectors and be sure to include terminators at the end-T's ($6-$12 for new stuff, much less for old). I've had good luck with no-name NE2000 cards which usually use Realtek 8019 chips.  The jumpered kind (rather than the PNP kind)are cheaper and more likely to work with most old bios's. Don't use the NE-2K-PCI modules unless you use PCI nics. If you use the fairly common Realtek chips, be sure to run the dos bootable diagnostic (RSET8019.exe) on both machines to ensure the cards are talking to each other first, before going to linux. I think Realteks home page is at www.realtek.com.TW - note the Taiwan top domain. 
There's some free firewall scripts available too. Look for gShield or pointman (www.pointman.org). gShield uses ipchains only.
 
Extra ram (>= 16megs) is better investment than a faster CPU.


Have fun,

Ted 



----------
Message To Spammers -- Game Over!  Get spam-free email at http://www.MsgTo.com