Monday, September 04, 2006

IPCop - The Bad Packets Stop Here

This weekend I set up an IPCop Linux router for home to replace my Belkin router (in addition to a lot of other network and computer changes). My old web server is now my router, complete with intrusion detection systems via snort. Hell, it's already noticed a few MS-SQL Worm propagation attempts and stopped those (not that I have anything that I know of running MSSQL or the ports open).

All it takes is a computer with at least two NICs installed. It found my Realtek and Netgear using the Tulip drivers and I haven't had any issues with it thus far. I also went and installed Guardian which will automatiicaly watch the IDS logs to block IPs and drop their traffic, Cutblock which allows me to terminate connections as well as block them, and a QoS shaper. All of those addons are provided by Markus Hoffman.

I also set up the ZERINA OpenVPN server, so now I can drop my use of Hamachi for my machines.

All in all it's a really nice firewall, and if you have an extra machine lying around and have wanted something a lot more powerful than those $100 Netgear and D-Link routers, this makes it easy to get into a powerful router.

No comments: