Once I got through the Firewall-type OSes, I started to wonder what ELSE could be installed on the device? Could we turn it into a Web Server? Mail Server? What else could we do with it?
Base Server
- Installs, configures, and boots fine
- Encrypted LVM partitioning works great as well
  - though you would need a keyboard and monitor at boot to enter the decryption key
- Installs, configures, and boots fine
  - though the interface naming is a bit unusual
- Encrypted LVM partitioning works great as well
  - though you would need a keyboard and monitor at boot to enter the decryption key
Web Server
- Installs, configures, and boots fine
Mail Server
All the real, fully featured mail server solutions required a base install of sorts, with the software/packages then installed on top of the server OS.
- Installs, configures, and boots fine
Sovereign - email and contact/calendar server
- Installs, configures, and boots fine
- Installs, configures, and boots fine
Mail-in-a-Box only supports being installed on Ubuntu 14.04
- Installs, configures, and boots fine
SIEM
Security Information and Event Management
- Installs, configures, and boots fine
- Installs, configures, and boots fine
Virtual Server
Though perhaps not best suited to the smaller devices (like the *G105 series devices I tested with), this may be a useful/viable option for some of the larger devices.
Using VirtualBox and phpVirtualBox on top of a Base Server with some web services (Apache, nginx, etc.), taking cues from a How-To over on HowToForge
- Installs, configures, and boots fine
- Installer does not boot/start properly
Desktop Linux
Since the Base Server installed just fine, I figured it shouldn't be that much of a stretch to install a desktop environment and just use that. But if I am going to make use of a desktop environment like that, I might as well use an actual Desktop-type distro that already has all the nice integrations set up for me. Yes, there are many MANY others out there, but I just wanted to quickly hit some of the major players, since the core/underlying OSes (RedHat, Debian, etc...) will be similar to others.
- Installs, configures, and boots fine
- Installs, configures, and boots fine
- Installer completes fine
  - but the device crashes/cores upon boot
- Neither the CLI nor Live options detected the CD/USB to complete the installation
Actual DVD
- Installs, configures, and boots fine
- Encrypted LVM partitioning works great as well
  - though you would need a keyboard and monitor at boot to enter the decryption key
- Installs, configures, and boots fine
- Encrypted LVM partitioning works great as well
  - though you would need a keyboard and monitor at boot to enter the decryption key
Could you imagine this? The hardware LOOKS like it's a network security device, but in all reality it's ACTUALLY a hack box, sitting and waiting to do your bidding. Install VirtualBox on that bad boy, and install Sophos in a VM, and you could have, for all intents and purposes, a secure Sophos device; meanwhile, it's just a front. I might set this up in the future and REALLY poke about on it and see what we could do with that kind of setup.
Sophos Home Edition
Wait what...??? Wasn't this about NON-Sophos software? Yes, yes it is. I went through all the above noted OSes, then a thought occurred to me: why not try and see if the Home Edition of UTM and/or XG will work on the devices? Since the only real difference is in licensing, this should work just fine. That being said, the UTM and XG installers (seem to) check the HDD for an existing UTM/XG installation, and verify whether or not the hardware is a Sophos Appliance, and if it is, they will NOT perform the install. So the secret to making this work is noted above in my 'process', where you delete/remove the existing partitions and filesystems, and run the installer on a 'blank' HDD like that.
Limited to 50 'internal' IP Addresses
- Installs, configures, and boots fine
Limited to 4 CPU cores and 6GB RAM (this is roughly equivalent to an XG 135)
- Installs, configures, and boots fine
Final Thoughts
As you've seen, there are a number of options as to what you can do with an 'old' Sophos Appliance, and this is hardly scratching the surface. Feel free to experiment and test what you will on a spare/extra/old Sophos device; let me know the results, and I'll put them up here crediting your work and efforts. Also, if there are any key/important/big OSes that I missed, just contact me to give your suggestion, and I will be sure to respond in turn.