Scribd Logo
Upload

Welcome to Scribd!

  • Building A Strong Home Firewall On A Small Budget

    Uploaded by

    dc0de
    105 views11 pages
    Given at MimosaSec 2/9/14 @ Miramar Cafe, San Diego, CA

    Original Title

    Building a Strong Home Firewall on a Small Budget

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Given at MimosaSec 2/9/14 @ Miramar Cafe, San Diego, CA

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    105 views11 pages

    Building A Strong Home Firewall On A Small Budget

    Uploaded by

    dc0de
    Given at MimosaSec 2/9/14 @ Miramar Cafe, San Diego, CA

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 11

    Building a Strong Home Firewall on a small budget

    Jim Noble, aka dc0de dc0de@foundpackets.org

    http://www.scribd.com/doc/205869161/Building-a-Strong-Home-Firewall-on-a-Small

    Hardware

    Older hardware I had it in my garage ( over 5 years old)


    Free Open Source Software (FOSS) pfSense.org Cox Ultimate Internet Service Claims 100Mbps down, 30Mbps up I get ~80Mbps down, ~25 Mbps up

    Shuttle system (SB51G Ebay ~$150 today) Dual Gig Ethernet Card (Ebay ~$10 today)

    Shuttle SB51G Intel Pentium 2.66 512 MB RAM 80 Gbyte HDD Intel Dual Pro/1000 NIC

    Features

    (http://pfsense.org/aboutpfsense/features.html)

    Stateful Perimeter Firewall Supports IPv4 and IPv6 VPN Appliance (IPSec, OpenVPN, PPTP) DHCP Server and Relay NAT 1:1 and Hide NAT Highly Available options

    Features (cont)

    Inbound and Outbound Load Balancing

    Connectivity Supports cable connections, fixed and dynamic addressing from service provider/ISP, & PPPoE. Supports multiple internal and external connections Wired and Wireless LAN and/or WAN Dynamic DNS updating

    Features (cont)

    Reporting and Monitoring Real time information Live and historical bandwidth graphs with RRD Graphs Logging of traffic Logging to Syslog Captive Portal For Internal traffic going out Several authentication methods

    Setup

    Download ISO or USB image Build Hardware



    http://www.freebsd.org/releases/8.3R/hardware.html My Hardware
    CPU: Intel(R) Pentium(R) 4 CPU 2.66GHz (2672.74-MHz 686class CPU) Dual Intel(R) PRO/1000 Network Card 120G HDD (didnt have anything smaller) CDRom Floppy <- not needed

    Setup (cont)
    Install

    CD and boot

    Follow

    the bouncing ball Need to know which interfaces are outside and inside Need an administration username and password

    Setup (cont)

    After the command line install, you switch to a web based installer/interface Easy to navigate Add additional packages

    pfBlocker country IP Blocking UPnP Universal Plug and Play Many others

    Lastly, it's easy to use.


    Demo

    Questions?
    Contact

    info I'm happy to assist in building your hardware remotely

    me via email if you want more

    You might also like