A simple openwrt or dd-wrt compatible off-the-shelf router (think $60 at best buy) allows you to reflash the firmware with a variant of the linux operating system, there by giving you all the functionality and flexibility to configure it however you want.
dd-wrt even includes a flashy gui. On Sat, Apr 10, 2010 at 3:14 PM, Brian Lloyd <brian-wb6...@lloyd.com> wrote: > On Sat, Apr 10, 2010 at 11:24 AM, Michael Walker <va...@portcredit.net > >wrote: > > > Hi Stan > > > > Actually, any of the good hardware firewalls like the one Tim mentioned > or > > the Astaro do also inspect outbound. To be safe, you should shut down all > > outbound ports (targets) except 80 and 443, and then start to open the > ones > > you need. Pretty simple model and it works really well. > > > > It saved me once when a visitor who had a spam bot on his computer with > its > > own mailer that no AV could see. > > > No anti-virus software could see it because most of the good trojan/worm > software subverts the anti-virus system, hence my earlier comment about how > you cannot count on your AV or firewall software on the affected machine. > > > > It was trying to mail 100 messages/min and the Astaro snagged it and shut > > it down as well. That allowed us to go fix it by running an AV rescue > disk > > like Bitdefender or AVG. The built in firewall/routers like the > linksys, > > etc., don't do outbound filtering. > > > > The cheap ones you get for homes don't. This is why I use m0n0wall, which > is > .<*FREE*>. and runs on just about any PC hardware, turning it into a > dedicated network appliance and local > router/stateful-firewall/traffic-shaper/VPN box. > > > > Like Tim, I run mine on an old P4 with 2 nic cards and it doesn't break a > > sweat with my 10mb connection on cable. And, it gets its AV signatures > > updated every 2 hours. > > You can't beat that! > > > > The one thing that m0n0wall doesn't do is anti-virus signature analysis of > the packets (deep packet inspection). Still, it has performed exceeding > well > for me and my networks with a *very* high price:performance ratio. > > -- > 73 de Brian, WB6RQN/J79BPL > _______________________________________________ > FlexRadio Systems Mailing List > FlexRadio@flex-radio.biz > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > Knowledge Base: http://kc.flex-radio.com/ Homepage: > http://www.flex-radio.com/ > _______________________________________________ FlexRadio Systems Mailing List FlexRadio@flex-radio.biz http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ Knowledge Base: http://kc.flex-radio.com/ Homepage: http://www.flex-radio.com/
