On Feb 16, 2005, at 10:04 PM, Alan Dayley wrote:
> On Wednesday 16 February 2005 06:09 pm, Craig Brooksby wrote:
>>
>> 1) Are there clear reasons why running an old box + Linux as a router
>> / firewall / etc. is *better* than just using the features in the
>> little $60 router? (I mean, the *fan noise alone* from this old box
>> is enough to tilt the scales for me :-)
>
> Pros
> - Learn OS and network admin stuff
> - Learn firewall techniques
> - Better logs
> - Use sniffing tools to find/see/learn
> - You can make it from parts so no $ up front
> - Wider control over port forwarding, packet dropping, etc.
>
> Cons
> - Noise
> - Install and setup time (though not much for just a firewall)
> - Maintenance time/costs
> - Electricity use is much higher
> - Maybe too much to learn (but most firewall distros can be install and
> forget)

There is a hybrid approach to this. Buy a $60 Linksys WRT54G and
install the OpenWRT Linux distribution on it. Then, you would have a
dedicated hardware firewall at uber-cheap prices, no noise, and low
electricity use but still have the flexibility of Linux.

I have a WRT54G and while I knew that it can run Linux, I didn't buy it
for that reason. I honestly couldn't think of a good reason to hack a
perfectly working dedicated system to approximate your own version of
it. And then I came across a page describing one of the slickest hacks
I've seen in years:

http://p3f.gmxhome.de/OpenWRT/Configure-OpenVPN.html

This page describes how to install OpenVPN inside of your WRT54G so
that it's the default encryption for all your wireless networks! You
can then just turn off WEP and WPA on the wireless cards since the
router now only accepts connections from systems with the right OpenVPN
key. And all traffic over the wireless link is fully encrypted. PLUS,
it might be possible to set up things like automatic OpenVPN tunnels
over the WAN/Internet port with automatic routing to some remote place
like work. The possibilities almost have me drooling, here :-)

I haven't actually done this yet since there are a few things to
consider:

1. Right now, the router "just works". Messing with it will
temporarily break that... and do I want that?
2. I have one of my TiVos hooked up to a wireless card. Since it can't
handle OpenVPN (AFAIK), it would have to be able to connect via the
normal WEP route... which is a minor bit of a security hole. Plus, I
would have to figure out how to specially handle that one system.

Still, at $60, I may buy another one just to play around with it!

Kurt
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss