If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Slightly OT question about network setup..
Hi all.. I've got a question for you if you feel the need to reply..
We're working on a house remodel and we're about a month into the project (demo is all done and framing is coming soon). Anyway, I'm planning on running CAT6 from almost all rooms to a central location in the house where all wires converge for connection to a multi-port switch (10/100Mbit for now, but will eventually move to gigabit unless I can find a gigabit switch on the cheap). Anyway, I'd like to move to a fully configurable router/firewall setup over what I'm using now (an Apple Airport Extreme) and am pondering my options. My specs for such a beastie are below : 1) configurable firewall -- can allow ranges of ports to be unblocked and can distinguish between TCP and UDP blocks -- something that Apple really doesn't allow directly in addition to the usual firewall featureset. 2) rack-mountable preferably 3) Not consume tons of power 4) Support wifi either directly or via something plugged into it. 5) web-based configuration (preferably) Since I've got a Proliant 6400r sitting at home chugging along as usual, I was thinking about using it as the firewall/router in addition to it's current jobs running a web server, mail server database server,etc. I'm concerned though that IF the firewall is breached for some reason, that said "hacker" could damage my files/photos,etc that sit on the same server.. Is this something that I should be worried about and should I just get a separate box to use as a firewall/router -- and do you have any suggestions for something on the very cheap end of things.. Anyway, just thought I'd ask you guys since I'm sure you've done this before. |
#2
|
|||
|
|||
Slightly OT question about network setup..
Rick,
Check out M0n0wall. (www.m0n0.ch) Its a freeBSD Based firewall/ router that meets all of the criteria that you listed. Its designed to run on PC based hardware and there are supported vendors (WRAP and Soekeris) that provide small footprint and low power platforms that this firewall runs on. It supports a number of add-in wireless cards too. If you want all of the features of an enterprise firewall (Intrusion detection, failover, etc.) check out PFSense (www.pfsense.org). I use a M0n0 at home running on an Intrusion.com PDS 2100 (Picked up on ebay for $20 US) which has a 600mhz Celeron and 128 megs of ram and is smaller than the average computer How To book. My first Mono was on an old Compaq DeskPro. Note: FreeBSD and Linux have memory detection issues on all older COMPAQ servers, you have to change the kernel image if you plan to use either M0n0 or PFSense on one of them. VinceV |
#3
|
|||
|
|||
Slightly OT question about network setup..
On Jul 9, 4:01 pm, VinceV wrote:
Rick, Check out M0n0wall. (www.m0n0.ch) Its a freeBSD Based firewall/ router that meets all of the criteria that you listed. Its designed to run on PC based hardware and there are supported vendors (WRAP and Soekeris) that provide small footprint and low power platforms that this firewall runs on. It supports a number of add-in wireless cards too. If you want all of the features of an enterprise firewall (Intrusion detection, failover, etc.) check out PFSense (www.pfsense.org). I use a M0n0 at home running on an Intrusion.com PDS 2100 (Picked up on ebay for $20 US) which has a 600mhz Celeron and 128 megs of ram and is smaller than the average computer How To book. My first Mono was on an old Compaq DeskPro. Note: FreeBSD and Linux have memory detection issues on all older COMPAQ servers, you have to change the kernel image if you plan to use either M0n0 or PFSense on one of them. Thanks Vince.. Sounds like something to check out.. I've got an older Epia M-series board at home that I could use for this if I can find a power supply for it.. |
#4
|
|||
|
|||
Slightly OT question about network setup..
Rick F wrote:
snip Anyway, I'd like to move to a fully configurable router/firewall setup over what I'm using now (an Apple Airport Extreme) and am pondering my options. snip I suggest building a router and firewall box on x86 or Sparc (anything from sun4c for Sparc and Pentium I for x86 or up) using OpenBSD and standard applications such as 'snort' and 'squid'. OpenBSD's 'pf' facility is a very good filter and redirector/NAT engine built into the O/S and OpenBSD is designed with security as an imprimatur. I have run OpenBSD on Sparc in this manner for our border router (which is also a firewall and NAT router) for many many years with excellent performance and security. You will need to ramp up the learning curve to make sure that the kernel is built and configured according to your security requirements and that the applications are also built and tuned for your specific needs. In our case the router runs diskless and headless for increased reliability and security. BTW, shame on any project that names itself in 'leetspeek' (e.g. m0n0wall) especially one targeted at security. Regards, Michael |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
IP (network) camera setup question | C2 | Webcams | 6 | October 4th 05 11:29 AM |
slightly OT USB question | Matt | Homebuilt PC's | 3 | July 25th 05 03:07 PM |
Slightly OT value question | Matt | Homebuilt PC's | 10 | February 17th 04 02:06 AM |
Network Setup | Matt S | General Hardware | 0 | December 12th 03 07:05 PM |