AndrewMcHorney wrote:
Hello
I take it that a linux pc could eventually replace the firewall router
which would allow for flexibility of updating firewall software. Is this
correct? I spent some time at Frys looking at the boxes to see how
things are done.
Thanks,
Andrew
Absolutely. Although I don't see how just looking at the packaging of an
appliance firewall/router will help with learning to set up your own
PC-based system.
Most all the popular consumer-grade products (e.g. Linksys, Netgear,
D-link) do pretty much the same thing in, I assume, pretty much the same
way. In the case of Wifi routers, some even run Linux internally,
Linksys being the most well-known, although last night at Fry's, I saw a
new Netgear Wifi firewall/router which explicitly said on the box that
it was Linux-based and aimed at "Hobbyists".
They all have built-in setup and configuration systems built up of a
number of linked web pages. Basic settings are for the usual local and
WAN TCP/IP and DNS addresses, built-in DHCP server, allowed/blocked
services, firewall rules, alert methods (logs, email, etc.).
More expensive versions include VPN (Virtual Private Network) endpoints
which provide encrypted tunnels between your router and one or more
remote VPN endpoints on the WAN. As I said in another post, I use this
feature to support various family members' remote LAN's and computers. I
even have one set up with a friend in Oregon. They're also nice for
private online gaming among people not in the same room (or state).
Of course a Wifi router/firewall includes settings specific to Wifi and
its related security settings. Most of these also have Ethernet ports,
and if you anticipate having wireless clients, they are probably the
most versatile and cost effective in terms of appliance devices.
The main features of off-the-shelf appliance firewall/routers, whether
of the wired or wireless variety, are small footprint, low power, low
noise, and ease of set up and maintenance. The trade off is you are
limited to the features, options, and configurability deemed to be most
important (read marketable) to the product's vendor. Also a home-brew
system will generally be cheaper ($) than its appliance counterpart,
assuming you have enough spare parts lying around to make it so.
The appliance: turn it on and use it.
The home-brew: learn how to build it, learn how to run it, and learn how
to use it.
Which is best all depends on what your needs, wants, and goals are. And,
if I may dare say, how anal you are about controlling your home network.
--
Best Regards,
~DJA.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
