Zeroshell Delivers Big Network Services in a Small Package
Zeroshell Does it All
Hand-rolling your own Linux-based network servers, routers and wireless access points is easier than ever largely because of the proliferation of tiny, specialized Linux distributions like Zeroshell.
Suppose you have a nice little PC Engines WRAP board. Get yourself a 512MB Compact Flash card, and you'll have 400MB available for data storage. Which should be way more than you need, especially if you have a separate syslog server. It is a good practice to store logfiles on a separate device for better security and performance, and fewer writes on your CF card.
What can this little Linux do? Pretty much everything a network administrator needs. First off it's very nice to administer because of its sophisticated Web administration or serial console administration. From here, you can run a RADIUS server, use Kerberos authentication, build a stout iptables firewall, or set up a secure virtual private network (VPN) endpoint or server.
Zeroshell shines at setting up a RADIUS authentication server. The most painful part of using RADIUS for wireless WPA2-Enterprise (using EAP-TLS and PEAP) authentication is creating a certificate authority, and client and server certificates. Zeroshell removes the pain with its easy-to-use Web interface.
Zeroshell also includes a captive wireless portal with Kerberos authentication. Future releases will include accounting and time-tracking. This captive portal has some nice options, such as allowing "free" users that don't require authentication and users that do. It also can use external Kerberos realms for authentication, such as an Active Directory server, so it works for both public hotspots and private networks.
Zeroshell has many excellent features, including multizone DNS, and static and dynamic routing. See the Zeroshell site and mailing lists for more good information.
Article courtesy of Serverwatch.com