so, i've been using a 3Com wireless router (with stateful packet inspection enabled) for quite some time. i've had no issues with it, but, being the fact that i'm a bit of a nerd, i finally got off my butt and dedicated a machine to build a IPCop Linux firewall.

honestly, the feature set is pretty impressive.
1. vpn server
2. segregated LAN/WLAN/DMZ networks
3. available integrated AntiVirus
4. integrated DynDNS support
5. available integrated spam filtering

and quite a few other options.

i'm curious if anyone else has done something similar or not. if yes, what have your results been?

for those interested at looking into this:
http://ipcop.org/

 

My results is that I dont like paying for a 100W+ PSU to be running for my firewall, and just run OpenWRT on a Linksys box

I get the vpn server, segregated networks, dyndns for less than 5W, and let my email provider deal with the AV/Spam filtering.

 

I don't see how running a dedicated "system" as a firewall is worth the power usage to protect a few computers... especially to protect computers that PROBABLY aren't under watch/attack.

But for a very long time I ran an OpenBSD firewall computer. I would recommend it over ANY distro of linux... OpenBSD = the MOST secure OS on earth. if you're gonna do it... do it right

 

That's a lotta security, for home? Must have a ton of kiddie **** to protect!

i kid, i kiddie kid.

 

 

the reason for this, is that at one point when i was downloading some WRC videos, i was being attacked about 400 times per day by people in countries ranging from finland to china and everywhere in between.

and last i heard, isnt NetBSD the most secure version of BSD available? i'm no unix guru, so i cant really say...

 

What each distro of BSD is known for:
FreeBSD = The easiest to setup/use BSD
NetBSD = It will run on anything, **** even your toaster!
OpenBSD = security security security.

OpenBSD had like two exploits in 10yrs.
It's pretttty damn legit for security. You really can't beat it.

 

Hah, glad to see there are other people building unneccessary home networks.

I have an absolutely overkill asa 5510 for my home IDS/VPN/FW setup http://www.cisco.com/en/US/products/...ries_home.html

 

I just purchased a SonicWall TZ190U.

 

i used to have a cisco pix 501 firewall haha. sooo unnecessary but i loved it.

 

My network is a bit more hardware based, listed from top to bottom in drill down...

1)D-link Cable modem flashed DOCSIS3.0 "cooked" beta rom
2)Sonicwall TZ170 25 license with advanced bios. Antivirus, antispam, and aggressive packet watch all turned on.
3)D-link wireless router set on the TZ170's DMZ (hardware isolated) and of course locked down with WPA2
4)Managed 1000/100/10 switch

As of right now my file server (windows 2003 machine, VM ware, 2 windows 2003 servers so far on it) is down for upgrades but will be back up soon. My exchange server sits on a rack in a colo as soon will my web server for my parked domains.

 

you can not go wrong with a Sonicwall, they are in my opinion, one of the best router/hardware firewall combos out there.


Now if I could just justify the 10k cost of a barracuda unit for my mailserver

 

we use barracuda for our mailserver and honestly it is the best i have ever seen. we did not have to buy it, just rent it.