[SATLUG] Home Network Configuration

Tweeks tweeksjunk2 at theweeks.org
Sun Apr 25 22:32:43 CDT 2010


On Saturday 24 April 2010 03:56:39 pm Matt Grooms wrote:
[...]
> I'm a gig fan of IPCop, and have used it exclusively for about six
> years. It's extremely easy to install, yet powerful as well.
[...]

Hey Dylan.. Matt knows what he's talking about.. he's been using ipcop a while 
and it does a nice job.  It's essentially a full feature firewall distro with 
some nice remote management features that installs to hard drive.

Another option that I've recommended a lot is Devil Linux. The biggest 
difference here is that it's a live CD firewall distro that runs off CD and 
stores its config on flash drive (no hard drive or other moving parts 
needed).  The nice thing here is that upgrades consist of replacing the CD 
with the upgrade version and rebooting.  The config is read off flash, 
updated (if needed) and <POOF>.. you're upgraded.  It's also nice because if 
somehow the system is ever hacked, you just reboot and the read-only CD-ROM 
boots and nothing is compromised (I even keep my flash media read-only).  I 
have done a couple of presentations on this at XCSSA.. This one covers how to 
quickly :
	http://xcssa.org/files/XCSSA-SOHO-Firewall-DMZ-Web/img0.html

Here's what such a system (with DMZ) ends up looking like:
	http://xcssa.org/files/XCSSA-SOHO-Firewall-DMZ-Web/img11.html

On my system.. I like to underclock the CPU and remove all fans from the 
system.. making for an extremely reliable setup (no moving parts but for the 
CD-ROM.. and even that could be made into a bootable flash device).

Let me know if you have any questions or anything..

Tweeks



More information about the SATLUG mailing list