Coyote Linux - Linux Internet Security Software

24 Nov 09

Coyote switching to Suse Studio for base OS

After much tinkering around with OpenEmbedded as well as RPath Linux and OpenSuse/Suse Studio, I have switched my development platform to Suse Studio. For those unaware of this marvel of technology, it is a web site that allows the creation of a customized "JeOS" (Just Enough Operating System) installation of Linux based on the Suse distribution. RPath would have been my first choice as they have multiple base distros and allow for a switch from 32 to 64 bit when building an individual appliance - but I found their web interface and service to be way too buggy.

In addition to the more stable appliance creation interface, Novell owns and operates Suse Studio along with both the Suse distribution and Mono, and the .NET platform is very well integrated.

The use of Suse Studio / openSuse for development will save me an estimated 6 months of work over the course of the Coyote 4 development cycle (This is about the amount of time that was spent between each major release of Wolverine on the underlying custom Linux distro).

The drawback to using Suse as the core OS is the size of the installation. The base OS for Coyote 4 will be approximately 50 times larger than that of Coyote 3 and 500 times larger than Coyote 1 and 2 (which fit on a floppy). However, Coyote 4 will eventually include a full graphical console for administration, a remote web service for 3rd party applications and services to interact with, and will be capable of running many additional services. The use of a full distribution as the base for Coyote will also allow me to focus directly on the security features of the product and leave general system setup and configuration to the underlying Linux install - this will allow for a much greater array of hardware support than previously available. Approximate installation size at this time is around 500MB - however, with the cost of a 4GB flash drive being less than $20, the cost of storage capacity (even for small appliances) was not a deciding factor in my choice of base installations.

~Josh

24 Mar 09

OpenEmbedded chosen for Coyote builds

I have chosen to use BitBake / OpenEmbedded as the base buildroot for Coyote Linux v4.0. Previous versions of Coyote Linux used either a custom chroot environment or required a particular distribution to be used as the development platform. With the use of BitBake/OE, it should be possible to build Coyote Linux to target multiple different architectures and machine configurations using nearly any Linux distribution as the development machine OS.

I will release a custom OE build tree shortly so that others can start working with or developing for Coyote Linux. If you happen to already be familiar with either OE or BitBake and would like to be involved in the development of Coyote 4, please send me an email at jjackson [at] vortech [dot] net. I am specifically looking for someone that would like to help with the BitBake tasks and packages for Mono and/or PHP.

14 Mar 09

Embedded Firewall Prototyping System

The following are some images of a system which was assembled to facilitate the prototyping of embedded firewall appliances for Coyote Linux. The embedded systems used are made by Soekris Engineering.

The system consists of a Core2 Duo based computer running CentOS 5.3 and 3 external Soekris appliances (net4501, net4801, and net5501). The internal system power supply is used to provide 12V DC power to the external appliances via a relay board and a series of external power switches. The networking for the system contains 3 discrete LANs which are connected to 5 port hubs mounted in the 5.25" bays in the main system.

The consoles of each of the external appliances are connected to the main system via USB to RS232 conversion cables.

22 Feb 09

Coyote 4 Screen Shots

I have added a page to the top menu which contains some screen shots of the web admin which will be included in Coyote Linux v4.00. The new web admin uses a multi-tiered architecture which includes a Mono (http://mono-project.org) powered front-end web site and web service back-end. The separation of the web site from a web-service based application that performs the actual system configuration will allow for 3rd party applications to be developed for controlling the Coyote Linux based security devices.

21 Jan 09

Coyote Linux Design Philosophies

Many of you are going to question some of the decisions made when I selected the tools, platforms, and techniques for the development of Coyote Linux 4. I am going to write up a post as a preemptive set of answers which I will refer to when the questions, comments, flames, etc. start pouring in.

One of the biggest changes to this release of Coyote Linux is the use of C# as the primary development language used for most of the administration, configuration, and maintenance utilities. Previous implementations of Coyote Linux made heavy use of C, Pascal (namely Delphi), and Bash shell scripting for this purpose. The change is being made to C# after nearly 2 years of working with the language in a cross-platform setting which involved the use of both Red Hat Linux and Windows 2003/2008 servers. The ability to use a single development environment (in my case, Visual Studio 2008) and produce executables that will execute in unmodified form on both Linux and Windows has seriously put the "R" in RAD programming. I am still actively involved in projects that require the development of cross-platform utilities and am already paying for all of the necessary licenses to provide my company with a full array of software and hardware to develop applications that work in a mixed server OS environment.

I have spent a great deal of time testing C# applications under Linux using Mono as the executing environment. While this is not necessarily the best choice for small, embedded hardware (486 / ARM class processing power), it works very well for anything using i686 or better technology. Another wonderful advantage of using this technology is the ability to run the same set of executables on both 32 and 64 bit hardware without the need for compatibility libraries to be installed. The installation of Mono dictates the 32/64 bit execution environment, preventing the need to recompile the full Coyote Linux software package.

Coyote Linux 4.0 will target 2 installation platforms. The first release of the Coyote Linux security suite will be as an add-on to existing installations of Red Hat or CentOS 5. After the suite has stabilized as an add-on for existing distributions, a new installation OS will be added to accommodate the install on bare metal hardware and as both a Xen and VMware hypervised guest.

The web sites that make up the Coyote Linux and Vortech Consulting customer services, product distribution sites, and e-commerce transaction processing consist of a mix of both Linux and Windows 2008 servers. The design chosen allows me to make use of the last 2 years of my work developing e-commerce and software delivery systems.

If you have any further questions or comments, you are welcome to visit the forums or post a comment to this blog.