What does Sup Forums use for firewall hardware and software?
I'm finally building a freenas machine and figured I should go ahead and add a firewall to the mix. I'm thinking about just putting pfsense on an old pc I have lying around just running boinc, but I've also been thinking about buying a cheap, fanless micro box pc that would have a much better form factor and use less power (going to put it on a ups along with the server, switch, etc)
Firewall hardware/software
John Ross
Austin Smith
>What does Sup Forums use for firewall hardware and software?
common sense 2016 premium edition
Xavier Wright
Tinywall firewall for windows.
Gabriel Morris
I made an ITX machine into a pfSense box a while back. cheap wireless router hadn't had a firmware update in five years, I didn't want that between my machines and the internet
Dylan Robinson
Common sense doesn't help defend against the hoard of Chineese 9-5 workers who's only job is to break into internet facing devices such as servers. Some people do things beside browsing Sup Forums and watching anime
Hudson Price
I just have a wifi router connected to a cable modem and for my firewall i use windows firewall.
Noah Gomez
sorry but im not dumb enough to host my server at my home
also your dumb if you think you need a hardware firewall for a home server
Ethan Brown
I use the firewall built into my router and iptables on my NAS.
Sebastian Ortiz
maybe a hardware firewall is a bit overkill but a simple raspberrypi could be a nice and cheap solution for a software one
Levi Torres
Do the iptables work well with allowing clients with dynamic IP addresses to connect? I honestly haven't done much research in this area. Another option is something like pfsense on a vm on the server, but the more I read, the more it seems like it really is better to have the firewall hardware separate from the actual server if at all possible.
I thought about this and actually have a RPi that I'd like to use for this very thing since it's very low power and quiet, but it only has one ethernet port and I'm not sure how well some adapter will work performance wise
Caleb Reyes
ubnt.com
>debian
>low power consumption
>POE w/POE pass-through
Angel Carter
Same as your picture.
Need to get a better switch though.
Samuel Young
>9-5
Yes. Hackers have normal work day schedules.
Adam Evans
>implying that reality is anything like the edgy movies you watch
The NSA in the United States, the UK's MI5, Germany's equivalent spy agency, or China's spy agencies (who are pretty hellbent on clandestine cyber warfare), don't just contract out to neckbeards who live in their parent's basements, smearing doritos dust on their keyboards by the light of the moon. Most people get real jobs and some of those jobs are to engage in cyber espionage and warfare. Perhaps some random shit stain who trolls Sup Forums and fancies himself a hacker might cause some trouble, but that's not the real issue. If nothing else, just read the fucking new occasionally.
ibtimes.co.uk
Daniel Rogers
I haven't seen this before, I'll definitely give it a look. Thanks!
Gavin Allen
1core/256meg vm with openwrt.
It turned out that openwrt is much better for home use then pfsence, it have better hardware support (eg 3/4g modems), sstp, tinc and shadowsocks.
Jackson Ward
pfsense on a 1u mini itx machine
deos the job a treat - firewall, routing, NTP, DNS, DHCP
Charles Powell
I use tiny wall which seems to work pretty well.
Basically it blocks internet access for everything except for the programs you specifically whitelist.
Although it's a bit annoying to setup and maintain (since you need to manually whitelist every new program you install that needs internet access), it is very simple to use.
Ryan Bailey
Pfsense is the best, however you need fast hardware if you have gigabit internet. I have a 1u super micro box with an Intel atom and dual Intel nics. You'd think this would be awesome but it can only route about 750mb/s and I have gigabit fiber.
There's an asrock mini itx board with dual nics and an Intel jt1900 Celeron that will allegedly do 1gb/s. Probably the best option for this sort of thing out there right now. Pair it with one of those tiny Asus mitx cases that comes with an external power supply.
Jacob Stewart
Intel NUC's are some pretty nifty devices for PFSense.
Jaxson Murphy
over fucking powered and over priced for pfsense
Ethan Bailey
Firewall - PCEngines APU1D4 (128GB SSD / Untangle)
Switch - Dell X1018P (16 port GIGE managed PoE + 2SFP)
AP - EAP1750H (PoE)
Phone - Polycom CX700 (5 in service)