I was just wondering, what is the difference between having a LEAF box and just going out and buying a hardware router for fifty bucks.
I have since received many valuable replies. I did receive one reply from a gentleman that I would like to post here for the LEAF archives:
From�:� George Metz <[EMAIL PROTECTED]>
Sent�:� February�28,�2004�10:11:41�AM
To�:� joah moat <[EMAIL PROTECTED]>
Subject�:� Re: [leaf-user] What's the difference between LEAF and hardwarerouter?
It really does depend on what you're doing with the home network. Here's a couple of examples that preclude a (safe) Router-in-a-box setup from working well:
1. You want to run a small website for stories, artwork, family photos, etc. Port forwarding and "virtual DMZ" settings will still leave your entire network open to compromise if the server the website runs on is compromised.
2. You need to connect to a VPN from home for work reasons. Several of the router-in-a-box solutions do NOT play well with some VPN setups; most notably, I've seen numerous issues with Linksys routers and Nortel Contivity VPN switches using IPSec for connections.
3. Online games become more difficult, or sometimes impossible. For example, I have a Microsoft MN-500 that I got because my LEAF disk went dead in a move, and I was too busy to set one up. Both my wife and I play Asheron's Call, which is a game similar to Everquest. (One, I might add, that was published by Microsoft.) I ended up having to set up a new LEAF box just so the two of us could be logged into the game at the same time; apparently, it couldn't handle WEP encryption, DHCP (server and client), firewalling, AND actually allow for multiple UDP ports to be sent on a port-activation trigger. In fact, it actually managed to confuse which machine should receive which data, which indicates problems with basic NAT functionality, as well. After messing with Asheron's Call port configurations for a couple of weeks, I gave up, swapped in a LEAF box, and reset the port settings to default on both computers, and it worked flawlessly even with blocking all traffic of any kind.
4. You want something more than the dummy interface on the router, or you're slightly more paranoid than the average bear. I personally get a pretty big kick out of checking my logs every once in a while to see what bounced, then running down who owns them and trying to figure out if it's an idiot or a compromised box or what.
Routers-in-a-box like the ones you're talking about are just barely adequate for home users with more than one computer and no idea of what they're doing. If you're a hobbyist, or are even just more aware than many of how easy it can be to compromise a system, LEAF blows away any combination of hardware router and software firewall I can think of, and it gives you far more options for packages, as well.
George Metz
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=dept/bcomm&pgmarket=en-ca&RU=http%3a%2f%2fjoin.msn.com%2f%3fpage%3dmisc%2fspecialoffers%26pgmarket%3den-ca
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
