How to build a powerful custom router using Linux or Windows?

hasu

Senior member
I had a terrible spyware/virus attack on my home machine (WinXP Pro SP3 with all the latest updates) last week. I left my machine switched on at night (while defragging) and it failed to sleep after that. Next morning when I checked my router DIR-655 there were many UDP connections from this machine to and from various IP addresses. I looked up the IP whois and some were from China and Taiwan and a couple of them were from Amsterdam. The machine had a relatively new Windows installation with all legal software and some open source tools (mostly development tools).

After this incident, I am thinking of installing a more powerful router with better logging and, if possible, built-in DNS lookup etc. I would also like to restrict accessible IP/UDP ports.

What is the best way to build my own router with more configuration options and logging features? Either Windows XP Pro or Linux should be OK for me. This router will be used for a maximum of 10 clients.

BTW, is it OK to have a file server on the same machine as the router? Will that compromise the security?

TIA
 
There must be another explanation for what occurred.

A correctly configured Router with computers that have software firewalls that control outbound traffic should not let this happen, and from that perspective building your own computer Router would only add environmental noise and raise electrical cost while Not adding security beyond a regular Router.

Almost everyone around here uses a regular Router and leaves their Network On 24/7, and everything is safe and sound.

http://www.ezlan.net/firewall.html

 
Well, my problem was that when it occurred I was left with very little (log) information. I do not know how much data was transferred to each of these IPs or when those connections started or how many connections were there etc. All I had was the IP addresses, protocol and port numbers of the active connections when I checked. I am not saying that knowing all these would help me in any way, but I am just curious. DIR-655 has very few configuration and logging options.
 
If you really care about logging, then use a router that supports syslog. There are free syslog servers out there.

I tried it before, but I don't know how much useful info you can get from it, and you have to have one machine running the syslog server though.

Or use Linux IPCop / pfSense, I think both have pretty good logging systems.

But like Jack said, most people use a generic router and it is perfectly fine.

Trying to prevent visiting unwanted sites (could be accidental), not downloading files from unknown sites, updating the antivirus program and definitions and scanning every email received for viruses is a better way to cope with these problems.
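
The per-destination detail the original poster was missing (how many packets, how many bytes, first and last time seen) can be recovered from firewall logs. An added example, not part of any post in this thread: it assumes a Linux-based firewall with an iptables LOG rule on outbound traffic writing kernel lines in the netfilter LOG layout; the `OUTBOUND` prefix, host name and addresses are constructed, and the totals cover only packets that the rule logged.

```python
import re

# Constructed sample in the netfilter LOG layout; addresses are documentation ranges.
SAMPLE_LOG = """\
Jan 12 02:10:41 fw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.0.101 DST=203.0.113.7 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=4411 PROTO=UDP SPT=1045 DPT=16881 LEN=56
Jan 12 02:10:43 fw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.0.101 DST=198.51.100.23 LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=4412 PROTO=UDP SPT=1046 DPT=53 LEN=41
Jan 12 02:11:05 fw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.0.101 DST=203.0.113.7 LEN=132 TOS=0x00 PREC=0x00 TTL=127 ID=4413 PROTO=UDP SPT=1045 DPT=16881 LEN=112
Jan 12 02:11:09 fw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.0.102 DST=198.51.100.23 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=977 PROTO=TCP SPT=2201 DPT=80 WINDOW=65535 SYN
Jan 12 02:11:10 fw dhcpd: DHCPACK on 192.168.0.102
Jan 12 04:55:30 fw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.0.101 DST=203.0.113.7 LEN=90 TOS=0x00 PREC=0x00 TTL=127 ID=5120 PROTO=UDP SPT=1045 DPT=16881 LEN=70
"""

FIELD = re.compile(r"(\w+)=(\S*)")
STAMP = re.compile(r"^(\w{3}\s+\d+\s[\d:]{8})\s")

def parse_line(line):
    """Return (timestamp, fields) for a netfilter LOG line, else None."""
    stamp = STAMP.match(line)
    if not stamp or " kernel: " not in line:
        return None
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)  # keep the first LEN (IP length, not UDP length)
    if not {"SRC", "DST", "PROTO", "LEN"} <= fields.keys() or not fields["LEN"].isdigit():
        return None
    return stamp.group(1), fields

def summarize(text, proto="UDP"):
    """Per (src, dst, dport): logged packets, bytes, first and last time seen."""
    flows = {}
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[1]["PROTO"] != proto:
            continue
        stamp, f = parsed
        key = (f["SRC"], f["DST"], f.get("DPT", "-"))
        flow = flows.setdefault(key, {"packets": 0, "bytes": 0, "first": stamp})
        flow["packets"] += 1
        flow["bytes"] += int(f["LEN"])
        flow["last"] = stamp  # lines are in time order, so the latest one wins
    return flows

def report(flows):
    """One row per flow, largest byte count first."""
    rows = sorted(flows.items(), key=lambda kv: kv[1]["bytes"], reverse=True)
    return ["%s -> %s:%s  pkts=%d bytes=%d  %s .. %s"
            % (k + (v["packets"], v["bytes"], v["first"], v["last"])) for k, v in rows]

if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_LOG))))
```

Syslog timestamps carry no year, so the summary keeps them as strings and relies on the file being in time order.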
 
Originally posted by: mxnerd
If you really care about logging, then use a router that supports syslog. There are free syslog servers out there.

I tried it before, but I don't know how much useful info you can get from it, and you have to have one machine running the syslog server though.

Or use Linux IPCop / pfSense, I think both have pretty good logging systems.

But like Jack said, most people use a generic router and it is perfectly fine.

Trying to prevent visiting unwanted sites (could be accidental), not downloading files from unknown sites, updating the antivirus program and definitions and scanning every email received for viruses is a better way to cope with these problems.
DIR-655 does have a syslog feature, but I am looking for better configuration options in addition to logging.

Originally posted by: networkman
You could take a look at Coyote Linux if you're wanting Free.
Is it better than m0n0wall?
 
I've been using Clark Connect for years. I really like it a lot. So far it's been perfectly solid and has a lot of other features like file/print/web/mail servers. The only downside is that with all the extra features it's a bit more resource intensive than monowall and pfSense. What are the specs of the computer you'll be running it on?
 
Originally posted by: Bryf50
I've been using Clark Connect for years. I really like it a lot. So far it's been perfectly solid and has a lot of other features like file/print/web/mail servers. The only downside is that with all the extra features it's a bit more resource intensive than monowall and pfSense. What are the specs of the computer you'll be running it on?
Right now my experimental setup is built with a P3/Celeron-1GHz with 256MB RAM on an Intel D815EGEW motherboard, which I guess would be pretty beefy for a router/firewall. If everything turns out like I wish, I might move it to a smaller footprint machine for a permanent solution.

BTW, do you use the community edition or paid edition?
 
I am currently using pfSense on a PCengines Alix 2c3. It has all the horsepower and features of much more expensive routers and works great, I highly recommend it. You can do all the logging you want also.
 