
Which would you be more interested in...

Posted: Thu Apr 10, 2008 1:29 pm
by 01000101
I've been thinking a lot about my OS design and the time consumed vs. production output, and have come to the conclusion that I have another option that is worth considering.

If you are unfamiliar with my OS goals, here's a brief synopsis:
1: Provide a bi-directional fully configurable firewall.
2: Detect p2p and bittorrent packets and pseudo-handshake or drop them.
3: Log all suspicious activities.

I thought a dedicated OS would be a great idea and eliminate a LOT of overhead associated with other fully developed OSes with other purposes, but then again, would it not be efficient to run an optimised server application for Windows or Linux to do the same thing?

Take this for example: instead of writing an OS, why not write a 'port' of my OS to application form? Have an application acting as a dedicated server to monitor all packets in and out, and just use syscalls for the socks and HDD communications?

The main question is, would it really matter THAT much to make an application version and be placed on an existing OS on a dedicated box just for p2p filtering and firewalling? Would it be appealing as a marketing idea, or would the OS version be more appealing to a network administrator?

Posted: Fri Apr 11, 2008 1:54 am
by AJ
Hi,

I guess it depends how much versatility you are looking at. What market are you targeting?

If you are looking at something which can be embedded into e.g. switches / routers and so on, then an OS is definitely the way to go. Also, are you confident that your host OSes will allow you enough low level control to do everything you want to do?

One other thing - I'm no expert on computer security, but you mention pseudo-handshaking or dropping bittorrent packets. Out of these options, my recommendation would be to drop them, so that any client isn't even aware that a computer exists at the target IP, rather than pseudo-handshaking which may give the game away.

Cheers,
Adam

Posted: Fri Apr 11, 2008 2:12 am
by 01000101
I would be trying to appeal to the average college/university/business network administrator, so I doubt it really matters if it is a full PC box or in router form.

As for the pseudo-handshake, for the play-dead routine, it works great to just drop the packets, but the handshake can be great to only have the connection activate ONCE and then the tracker+server leaves the client alone and stops retrying (thus reducing overall network usage due to retry attempts).

Posted: Sat Apr 12, 2008 7:53 am
by binutils
You mean some kind of firewall or network emulator?
As for a firewall, benchmark this and check whether it differs from your purpose or not.
http://www.astaro.com/

Posted: Sat Apr 12, 2008 10:42 am
by 01000101
That link posted above leads to a product extremely similar to that of Barracuda systems, all built on a non-homebrew OS (usually Windows or Linux backbone) and perform uni-directional firewalling and no p2p/bittorrent filtering. So in short, no... it's not quite what I'm looking for. I've decided that I'm just going to keep trying on my OS, even though I can't seem to get much help with the network driver issue that I've been stuck on for a month.