Masq Box: TCP/IP Firewall and NAT
Jeremy Suurkivi
http://www3.sk.sympatico.ca/suukg/masqbox.html
for an HTML version of the following:
Masq Box
Internet Sharing Server Software
______________________________________________________________________
What is it?
Masq Box is a TCP/IP Network Firewall and Network Address Translator.
It was created by Jeremy Suurkivi in Moose Jaw, Saskatchewan, using
the Linux operating system. It allows a network to share a single
internet connection.
What does it do?
Internet Sharing
Masq Box allows a network to share a single internet connection.
All of the computers on the network can run Internet applications
at the same time. It's similar to a Proxy Server but is superior
in many ways. Basically, a Network Address Translator (NAT) tricks
the local network into thinking it is communicating directly to the
Internet and tricks the Internet into thinking is is communicating
directly to a client computer on the local network. It's actually
closer to a Router or a Gateway than it is to a Proxy Server.
Network Protection
Masq Box is also a Network Firewall. A Firewall protects the
internal network by only allowing certain traffic to pass through
it. Masq Box only allows through traffic that is in reply to
requests made by the computers on the local network. This means
that a hacker can't arbitratily send data to a computer connected
to Masq Box.
Hardware Requirements
Masq Box needs very little to run. A typical setup using a High
Speed
Internet Connection requires a 386 or 486 computer with 8 megabytes
of
RAM, a 1.44 megabyte floppy drive, and two network cards. The client
computers must be connected to a local network which can be running
at
either 10 or 100 mbps. In order to accomidate a 100 mbps network, a
server with PCI slots will probably have to be used and will probably
cost slightly more. It does NOT need a monitor, hard drive, keyboard
or mouse.
The client computers can pretty much be any kind of machine that
would
be able to connect to the Internet all by itself.
Benefits
Custom Setup
On-site setup is included in the price of Masq Box. This includes
the custom configuration of the server and setting up the client
computers to use Masq Box as the gateway. If a small amount of
network cable wiring is required, it will be included in the
price. If needed, a server computer or any networking upgrades can
be provided for a charge. With the custom setup, no work will be
required to get your network connected to the internet. Everything
will be taken care of. This means no reading manuals and no long
distance calls to technical support.
Note: Since the author lives in Moose Jaw, Saskatchewan, travel
costs are not included. I am willing to travel within the
province, but it is also possible to do a remote setup. If someone
with sufficient computer knowledge is already at the site, it may
be possible to transfer the software pre-configured over the
Internet. This would require a person with enough knowledge to
setup network cards and do any wiring that may be required. They
will not have to setup any options within Masq Box itself.
Ease of Use
Once Masq Box is setup for your site, no additional configuration
is required. Since Masq Box is a NAT instead of a Proxy Server,
client applications do not have to be setup individually, and
normal internet applications will run straight out of the box
without client side or server side intervention. Simply tell your
client computers that Masq Box is the gateway and away you go!
Performance
Masq Box is extremely efficient, requiring only a 386 to run. For
similar performance, a typical Windows based stand-alone Proxy
Server would require at least a Pentium-90. For a Proxy Server
running in the background on one of the client computers,
performance will varry with the activity of the user due to the
pre-emptive nature of Windows Multitasking. This means that
whichever application is being used gets more processor power than
the ones running in the background. If the user crashes the
computer or loads up a word processor, the rest of the network is
going to suffer.
Throughput is considerably higher with MASQ Box than traditional
Proxies. For example, when downloading Netscape Communicator from
the tucows.sk.sympatico.ca mirror site, transfer rates of greater
than 160 kbps are normal. With 10 machines doing the same
download, it averages 17 kbps, which works out to a total of 170
kbps.
Reliability
Masq Box runs on its own computer, and does not use the Windows
operating system. Because it fits on a single floppy disk, the
system has been tailored to act as an internet sharing server, and
everything else is left out. This ensures that Masq Box will never
crash, even in times of high traffic.
Support
Masq Box is being actively developed. Any future updates will be
freely available, and you will be able to download disk images from
the internet.
Pricing
Masq Box costs $300. This includes on-site setup and any future
updates that are released. Please feel free to compare with
competitors. Some of the common ones are listed below. Keep in mind
that some of them are Proxy Servers, and shouldn't be compared
directly.
* GNATBox - Firewall/NAT - http://www.gnatbox.com
* Startech - Proxy Server - http://www.startech.com
* WinGate - Proxy Server - http://www.wingate.com
______________________________________________________________________
If you are interested in this product or further information, please
send e-mail to Jeremy Suurkivi at suur...@sk.sympatico.ca