My Netgear FVS318 router/firewall has developed a nasty habit of
rebooting every time it gets both portscaned and repeated gnutella
requests (who still runs gnutella anyway?) so I am looking to put in a
boarder router/firewall to protect it (read replace it if not for the
lack of an 8 port switch) However the wife will not let my drop an old
ugly tower were I need it to go. However I do have a box I am using for
"web tv" purposes that I can toss a firewall on. My requirements are
simple:
* Runs on top of a stranded distribution (Ubuntu, Fedora/CentOS,
OpenSuSE, etc) not as a stand alone isolated distribution on
dedicated hardware.
* Does port forwarding
* Does NAT
* Does Static Routes (Important if I have another router behind
it)
* Does Statefull inspection
* Does not break IPSec/PFS/L2PT/Etc.
* Does custom black listing
* Prevents DoS (Syn flood, ICMP flood, UDP flood, port scans,
“ping of death,” IP spoofing, land attack, tear drop attack, IP
address sweep attack, Win Nuke attack, etc)
* Does intrusion detection, preferably with email alerts
Would be nice if it also does:
* GUI configuration
* QoS
* DHCP
* IAC (Outbound rules)
* SNMP2
* Decent logging/reporting
* GUI Dashboard
* DynDNS
* Web content filtering
* DNS Proxy
* Black list service
Can any one recommend something or am I left to cobble together what I
can with iptables...
Bryan O'Neal
O'Neal & Associates
Phone: (602) 295-4356
Fax: (602) 795-6050
E-Mail: Bryan.ONeal@TheONealAndAssociates.com
Blogger <
http://twitter.com/BryanONeal>
Twitter <
http://mlwtech.blogspot.com/>
Linkedin <
http://www.linkedin.com/in/thebryanoneal>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
![M](../imgs/g.png "Andrew \\"Tuna\\" Harris at 2009-03-31 07:00")
(text/plain)