I had asked a similar question in this post..
http://www.antionline.com/showthread...&postid=551732
(I'm still on dialup :( .. )
My buddy will go with the BroadGuard NBG800 Secure Cable/DSL Router
http://store.yahoo.com/sohowaredirect/nbg800.html
Whoever gave me the negative AntiPoints for posting a suggestion, you can suck my mother ****ing dick. You spineless coward could not even put your name to it.
You're a disgrace to the human species. If you're a man, you'd better consider a sex change. That was the most bitch-like, pussy ass thing to do. Once again **** YOU, YOU ****ING **** LICKING PUSSY, I hope I meet you in a dark alley one day so I can ram my fist through your pasty, pimpled face. I hope you die a horrible, slow, painful death you amoeba.
****ing die!
Points I'd like to make for anyone thinking of going the old PC and NIX route:
* The PC should have at least 64 megs of RAM (more is always better)
* Open the case of the old computer and verify its slots are PCI standard on the motherboard, so you'll know the cards will fit and you won't end up making a wasted trip to the computer store.
* Check the support pages to see if the NIC you have is supported
* Keep up with the patches and security updates
Recommended Nix Firewalls:
---------------------------------
http://www.dubbele.com/
This firewall is based on the NetBSD operating system. It's not hard to set up or configure: you have to download a few files to make some boot disks, then you can FTP the whole release off the Internet. It may take some time depending on the speed of your connection. I like this one because it's not a hassle to get going.
http://www.smoothwall.org/community/home/
Smoothwall is based on Linux. If you have a CD writer you can burn the firewall to CD and install it offline, or pay the few extra bucks and buy the CD and get support.
Devil Linux:
http://www.devil-linux.org
CD-based firewall (doesn't need a hard drive). If some script kiddie cracks the box, any changes he made are gone once you reboot.
Happy Hunting!
Sharky
Whoever the spineless chicken **** is who keeps giving me negs. All I got to say is: keep on keepin on. Your pathetic negative antipoints mean nothing to me. It doesn't hurt me, it doesn't hurt my feelings, the fact that you're too much of a bitch to put your name on it makes me laugh at you.
You're the equal of a jellyfish. Wait, no, that's mean to jellyfish. You're less than a pile of ****. I wouldn't even step in you. So bring it on.....give me more negs. It won't stop me.
2.4 ARE YOU INSANE! j/k. Yeah, my sister won the crappiest computer I have ever seen from AT&T a long time ago, they were getting new ones, I made that my firewall, and play around with Linux on that one. It is cheap, fast enough and effective. The only problem was my mom getting annoyed at me for wasting the power :) And as for DoS attacks, well, they are an attack on your bandwidth, so they aren't trying to crash your computer, they are fairly hard to block. But with some packet filtering the worst that can happen is that your internet lags, and that your crappy computer will be laggy as well, and may crash. I doubt it will crash, because it is running *nix, but I say this because when I set up my crappy computer I had originally installed Windows and my friend tried to DoS me, and crashed it.
Quote:
A better investment would be an old PC (eg a dusty old 486 etc)
install *nix and a 2.4.x kernel and play with Iptables
EDIT: Not true at all, and though it is true that when everybody says any computer can run Linux, it is somewhat of a myth. But you don't need that much RAM at all, in fact I recommend against it just to save some money. Mine has 16 and has never crashed on me so far, just install a minimum of packages, and set up a good firewall, something efficient.
Quote:
The pc should have at least 64 megs of ram (more is always better)
If a used computer is strictly used as a router/firewall and nothing else, and someone uses just 16 or 8 megs of RAM, things will be slow if it's shared by 2 or 4 computers in the home. And if there is a gamer in the house who has a need for speed, well, he isn't going to be happy, and the other people aren't going to be happy when they try to surf the web and slow to a trickle. So what's not true?
With some of this talk of building firewalls
and using old 386's - I thought it worth
plugging the firewall I use - www.smoothwall.org
Works freaking great! - does NAT, has snort embedded,
awesome config screens - even has a proxy server
built in. I read about it on another forum and
owe it to the makers to spread the word!
I run it on a P120/32RAM - you download an iso
image, burn a cd - boot from it and answer the
questions - I've been impressed!
I have good experiences with a similar Linux-based system: BBIagent
Quote:
Originally posted here by dantel
With some of this talk of building firewalls
and using old 386's - I thought it worth
plugging the firewall I use - www.smoothwall.org
BBIagent fits on one 1.44 MB floppy, you don't need an HDD
www.bbiagent.com
They have an 80386/80486SX version too.
The advantage of using a Pentium I box is that they have the right PCI slots / BIOS etc... -> easier configuring of your NICs.
About the 64 MB RAM: you don't really need that amount of RAM, those Linux router boxes are fast. Even with less RAM. But of course if you want to improve performance and speed you can always add more RAM, or upgrade the box.
BBIagent has NAT and a stateful firewall (source: www.bbiagent.com):
Network Address Translation (NAT)
Translates private IP addresses into a global IP address to share a single high-speed connection and allow a group of users to share a single ISP account. The internal network structure is invisible from the Internet.
Stateful Firewall
Allows related connections to pass through the router. Its firewall can also block common hacker attacks, including IP spoofing, ping of death, port scan and TCP SYN flooding etc.
yanksfan
Yep, you can use your 386 box (or better :) ), you will need two NICs, a floppy drive and at least 8 MB of RAM. (If you have a dial-up connection with an external modem you don't need the two NICs, but one NIC for the LAN and your (serial) modem for the WAN.)
setup example
-------------------
Code:
   Internet (WAN) (ISP DHCP server)
          |
          |
   NIC 1 (public IP, DHCP client) 12.34.56.78
   FIREWALL
   NIC 2 (Internal IP, DHCP server) 192.168.1.1
          |
          |
     switch or hub
      |         |
      |         |
    pc 1       pc 2
 dhcp client  dhcp client
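Added example, not part of any post in this thread: a minimal iptables ruleset for the two-NIC layout in the diagram above, showing the NAT and stateful-firewall behaviour the BBIagent description lists. The interface names (eth0 for NIC 1, eth1 for NIC 2), the 192.168.1.0/24 mask and the helper name `gen_ruleset` are assumptions.

```shell
#!/bin/sh
# Added example: iptables-restore ruleset for the two-NIC layout in the post.
# Assumptions: eth0 = NIC 1 (WAN), eth1 = NIC 2 (LAN), LAN = 192.168.1.0/24.
# gen_ruleset is a hypothetical helper name.

gen_ruleset() {
    [ $# -eq 3 ] && [ "$1" != "$2" ] || {
        echo "usage: gen_ruleset WAN_IF LAN_IF LAN_NET (interfaces must differ)" >&2
        return 1
    }
    wan_if=$1; lan_if=$2; lan_net=$3
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# NAT: hide the private LAN behind the single public address on the WAN NIC
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
# Default deny: anything not matched below is dropped
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Anti-spoofing: a LAN source address must never arrive on the WAN side
-A INPUT -i $wan_if -s $lan_net -j DROP
-A FORWARD -i $wan_if -s $lan_net -j DROP
# Stateful: only replies to connections opened from inside come back in
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# LAN clients may open new connections to the Internet
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -m state --state NEW -j ACCEPT
# DHCP requests from LAN clients to the server on NIC 2
-A INPUT -i $lan_if -p udp --dport 67 -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the topology in the diagram (constructed values).
gen_ruleset eth0 eth1 192.168.1.0/24
```

As root, pipe the output into `iptables-restore` and enable routing with `sysctl -w net.ipv4.ip_forward=1`; nothing is accepted from the WAN side unless it belongs to a connection a LAN host started.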
For all of those clueless users out there thinking that hardware firewalls are any better than software firewalls. **** YA!
The *only* advantage that hardware boxes have is their pre-tuned OS. Consider Nokia's IP series for example, it runs CPFW-1 -and CPNG lately- but so does Solaris. SO why would I bother myself with buying a box that just can't be upgraded in terms of hardware and software? Especially when I can't afford another box to do all the other routing stuff???
There's a myth that says HW boxes are faster. That's another plain stupid lie. Most major companies tune their OSs and network stacks to do zero-copy networking, which can be easily done on other open-source SW boxes. You have FreeBSD's IO-Lite addition.
Another thing is the vulnerability risk. When there's a problem in their code, either in the OS or the FW's code, one has to wait until the company releases a fix, which proved to be a disaster when my Nokia box was struck by Nimda. I can't even add a patch to its Apache-like webserver -used for configuration- to stop this thing, either from propagating into my network or from filling my logs...
In short, HW appliances are the myth that every SCRIPT KIDDIE thinks is THE security solution; reality and experience have proven that solutions from leading companies and alliances run on SW as on HW, after all, they are all SW.
Just check the OPSEC alliance's **** if you doubt it.
--Chief TroubleMaker
Umm.....I was at the Apple store at a mall today and I saw a router/VPN capable hardware tool. I found it to be really nice with the security features out of the ones I have seen. Asante makes it and it logs all types of attacks and is proven to do better than the Linksys 4 port router and other routers. The datasheet (requires Adobe Acrobat) is here: http://www.asante.com/products/route..._datasheet.pdf
When it comes to bandwidth, it says that it's faster.
Has NAT with SPI.