[clug-talk] IPCop
John Jardine
john_e_jardine at spamcop.net
Fri Jun 12 15:41:12 PDT 2009
On Fri, 2009-06-12 at 16:05 -0600, Gustin Johnson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Peter Van den Wildenbergh wrote:
> >
> >
> > Joe Shuttleworth wrote:
> >> Thanks for the input. It looks like installing IPCop is best on a
> >> separate computer.
> >> I have a P3 I could use. I was just wondering how much power it would
> >> use to have another computer running ?
> >>
> >> Would using a router give enough protection or would I need a firewall?
> >>
> > You can always 'hack' a wrt router and put some FOSS software on it.
> >
> > google for openwrt & tomato
> >
> > http://www.polarcloud.com/tomato
>
> The tomato firmware is a little out of date, I would avoid it given that
> a lot has changed in the past couple of years.
>
> > http://openwrt.org/
> > And others...
>
> I am a big fan of openwrt. You can even run openwrt on X86 hardware,
> giving you the best of both worlds IMO.
>
> Of course I am now right back where I started, a vanilla Linux box where
> the routing, netfilter, DNS, etc is all configured by hand.
> >
> > Running a computer has a bigger environmental impact than a little
> > 12Volt device...
> >
> There is a middle path. I am putting together an Intel Atom based
> system to use as my firewall/router (John how was your experience with
> the ALIX? For me those ALIX boards just do not have enough jam for
> SNORT @ 15Mbit...) and IDS.
I don't use mine quite the same way. I still use my RT-314 as my
external firewall and a LINKSYS BEFSR-41 as my internal one.
My ALIX is configured as a router between the two firewalls - it's
primary job is as a VPN endpoint allowing access to equipment in my
networking lab (3rd sub-net). It also logs every packet that crosses
it. If any user tries to crack my primary wire-line network from there
I would be most annoyed because that's where the printers/NASs/computers
are.
Hmmmm... maybe I should move the lab network to home to my wireless
network, that way there is no advantage to having access to the lab
network.
>
> Also, like Shawn, I dislike how some words like "router" and "firewall"
> have been abused. As much as I would like everyone to understand the
> subtle differences, for the purpose of this discussion you can use them
> interchangeably.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkoy0RMACgkQwRXgH3rKGfPymQCeLE9rbH56QiZPat2K7zJNj5IR
> Wb8AoJiD/k5zryvaUmqD59tirVmIgL0M
> =Ivzj
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> clug-talk mailing list
> clug-talk at clug.ca
> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying
More information about the clug-talk
mailing list