[NMLUG] Re: [NMOSUG-L] Hardware firewall recommendations?
If you have an old PC laying around with a couple of NICs I would suggest a
Smoothwall router. http://www.smoothwall.org
Out of the box it will do everything you ask for with the exception of packet
logging. It does do minimal logging but you can install an ACID/SNORT mod
that will log and report anything you want.
I don't believe you can manage the router out of bandwidth. The default
setup is to manage via http from inside the lan only.
It's very customizable via the user forums.
I've been running it for years at my home with my dozen or so PCs and
servers.
Tim
--- Sarang Gupta <_sarang_@sarangworld.com> wrote:
> Does anyone have recommendations for a simple, 2+ port, inexpensive,
> home-use hardware firewall/router? Specifics:
>
> % The firewall/router would sit behind my cable modem, accept a public IP
> address (via DHCP) from the cable modem, and pass on NAT'd IP addresses to
> two machines, so that both machines could access the Internet via a single
> cable modem.
>
> % I don't run servers at home, so all incoming packets should be replies
> to packets I've sent out-- all "unsolicited" packets should be dropped.
>
> % The firewall/router should log the time, IP address, and port of all
> outgoing packets (ideally w/ exceptions for a set of "trusted" IP
> address/port combinations I specify), ideally storing these on its own
> hard drive. This log should include UDP, IPX, and other non-TCP packets.
> I'm particularly curious to see what packets are being sent when I'm away
> from the computer (I run cron jobs, continuous ssh sessions, realize that
> browsers will reload pages w/ "refresh" set, etc, so this traffic won't be
> zero-- but any unrecognized packets when I'm not at the computer will be
> highly suspicious)
>
> % The firewall/router should ideally be configurable only via a hardwired
> connection (e.g., COM port using minicom). Less ideally, machines on the
> inside should be able to configure the firewall/router. Configuration from
> outside (even w/ a password) should not be allowed.
>
> % The firewall/router should block (or, ideally, redirect) packets to
> certain IP address/port combinations I specify.
>
> % I looked briefly at AlphaShield (alphashield.com). It's a bit too "black
> box"y, I don't trust its "artificial intelligence", it doesn't seem to do
> any logging, and they don't have a good technical explanation of how their
> device works (you have to register just to get a white paper!). However,
> this is close to what I'm looking for -- a simple firewall (no VPN, no
> tunneling, no DMZ, no opening specific ports, no multiple routes, etc)
> for computers connected to the Internet as "clients". I.e., what I need is
> something much closer to an AlphaShield than to a PIX.
>
> % I realize that Linux itself can do a lot of firewalling, and that I
> could use IP masquerading to connect multiple machines to a single cable
> modem connection. I even feel a bit rube-ish considering a hardware
> firewall. However, if my Linux box has been compromised, using it as a
> firewall would be a false sense of security. I'd rather have a clean,
> single-purpose, harder-to-crack device monitor and block packets.
>
> --
> Sincerely, Sarang Gupta (_sarang_@sarangworld.com)
> Backup Email: sarangorama@gmail.com
>
> _______________________________________________
> NMOSUG-L mailing list
> NMOSUG-L@mailman.swcp.com
> http://mailman.swcp.com/mailman/listinfo/nmosug-l
>
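For reference, the requirements in the quoted post (NAT behind a DHCP address, drop all unsolicited inbound traffic, log outgoing flows of any IP protocol except for a trusted list, block chosen address/port pairs, and accept management only from the inside interface) map onto a short iptables ruleset on a two-NIC Linux box. The script below is an added example written for this thread, not Smoothwall's configuration or anything posted by either author; eth0/eth1, the 192.168.1.0/24 LAN, ssh as the management port and the trusted/blocked addresses (documentation ranges) are all assumptions.

```shell
#!/bin/sh
# Constructed example: iptables rules for a two-NIC Linux router meeting the
# requirements in the quoted post. Interface names, LAN range and the
# trusted/blocked lists are assumptions, not values from the thread.
WAN=eth0                    # cable-modem side, public address via DHCP
LAN=eth1                    # inside network
LAN_NET=192.168.1.0/24
TRUSTED="198.51.100.10:22 203.0.113.5:80"   # host:port pairs not logged
BLOCKED="192.0.2.99:443"                     # host:port pairs to drop

# The rules are printed rather than executed so they can be reviewed without
# root; run this script with the argument "apply" on the router to load them.
firewall_rules() {
  echo "iptables -F; iptables -t nat -F"
  echo "iptables -P INPUT DROP"
  echo "iptables -P FORWARD DROP"
  echo "iptables -P OUTPUT ACCEPT"
  # Management only from the LAN side; the modem side gets nothing except the
  # DHCP lease reply and answers to the router's own traffic.
  echo "iptables -A INPUT -i lo -j ACCEPT"
  echo "iptables -A INPUT -i $LAN -s $LAN_NET -p tcp --dport 22 -j ACCEPT"
  echo "iptables -A INPUT -i $WAN -p udp --sport 67 --dport 68 -j ACCEPT"
  echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
  # Hide the inside hosts behind whatever address the modem handed out.
  echo "iptables -t nat -A POSTROUTING -o $WAN -s $LAN_NET -j MASQUERADE"
  # Inbound to the LAN: only replies to flows the inside hosts started;
  # anything unsolicited falls through to the DROP policy.
  echo "iptables -A FORWARD -i $WAN -o $LAN -m state --state ESTABLISHED,RELATED -j ACCEPT"
  # Outbound: drop blocked pairs, pass trusted pairs unlogged, then log the
  # first packet of every other flow (any IP protocol, so UDP and ICMP are
  # covered; IPX is not IP and never reaches iptables) and allow it.
  for pair in $BLOCKED; do
    echo "iptables -A FORWARD -i $LAN -o $WAN -d ${pair%:*} -p tcp --dport ${pair#*:} -j DROP"
  done
  for pair in $TRUSTED; do
    echo "iptables -A FORWARD -i $LAN -o $WAN -d ${pair%:*} -p tcp --dport ${pair#*:} -j ACCEPT"
  done
  echo "iptables -A FORWARD -i $LAN -o $WAN -m state --state NEW -j LOG --log-prefix 'OUTBOUND: '"
  echo "iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT"
  echo "echo 1 > /proc/sys/net/ipv4/ip_forward"
}

if [ "${1:-}" = apply ]; then
  firewall_rules | sh
fi
```

The LOG target writes source, destination, protocol and ports with a kernel timestamp to syslog, so pointing the router's syslog at its own disk gives the per-flow record the post asks for.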