The best hardware firewall/router in one package

chuckg31 · Post by **chuckg31** » Sun Aug 10, 2003 1:04 am

This really doesn’t have to do with “video” hardware, but it is a hardware question. I want to buy a hardware firewall/router to take to college with me. I was hoping that I could tell you great forum readers what I want to do with a firewall/router and you could hopefully give me your best recommendation.

This is what I want to do.
1.I want a hardware firewall that offers good enough protection so it isn’t necessary to run a software firewall all the time.

2.I plan to run a Linux Apache server on my connection besides my desktop and sometimes laptop, so would I need a piece of hardware with a DMZ?

3.I already have a five port 10/100 switch, so that aspect really isn’t needed

4.The connection will be a college cable connection.

I figured that I need a router so that way I could hook up multiple computers to my connection without the university knowing. Does that sound like a good reason? The last question is a serious one. I figured that they would be able to detect my multiple connections unless I had a router.
As always, any replies are much appreciated
-Chuck

klinky · Post by **klinky** » Sun Aug 10, 2003 1:18 am

If you're going to setup a Linux webserver anyways. You might as well look into IPCHAINS and stuff like that. I am not a linux guru, so I don't know how to setup NAT(Network Address Translation) on linux. But I hear it's quite simple and there are alot of guides.

I am currently using Win2k w/ Internet Connection Sharing to do NAT.

Setting up ANY server behind a router/firewall is a real bitch. Many people have no fun doing it. I run WWW/FTP/NAT and some other mini-servers off of the same server because it's just way easier that way.

Now this connection is a college cable connection? Like in coax cable TV like cable? Or RJ45(fat phone cord) type cable?

I would just slap two network cards in the linux box. One to your college internet connection, the other to your switch. Once you get the linux server setup all other computers on the network can use the linux server as a gateway to route packets out to the internet.

You'll only be using one IP address and all connections will be going out through one computer. There is really no way for someone to know that you have 1 or 100 computers behind a router or a linux server or whatever you use.

~klinky

chuckg31 · Post by **chuckg31** » Sun Aug 10, 2003 4:53 pm

Thanks for the response klinky. Yeah, it's a RJ-45 connection. (I knew I should have put that in the first post). I haven't seen a NIC come with a coax connection in a long time. Does anyone still use coax? Some of the old ISA NIC's at the library I work at have coax and RJ-45 connections. Those cards are only 10 base though.

I suppose it might be cheaper to do it the way you suggested too. I'm fairly new to linux. I thought that if you ran a www server on Win 2K only a max of 10 people could be connected to your site at once. Is this wrong?

The reason I am going to run a linux server is because the computer I am using is an old AMD k6 233 Mhz with like 96mb of pc66 sd ram. Win 2k runs like crap on that, but linux without the gui runs great. I can also control the server remotely using real VNC and a program called Webmin. My objective is to have the server under a desk or in a closet where it's not in the way and I don't have to mess with it.

Nurd · Post by **Nurd** » Sun Aug 10, 2003 5:33 pm

chuckg31 wrote: I suppose it might be cheaper to do it the way you suggested too. I'm fairly new to linux. I thought that if you ran a www server on Win 2K only a max of 10 people could be connected to your site at once. Is this wrong?

Depends on what version of Win2k you are using, I believe that Win2k Professional, like WinNT Workstation may have the 10 user limit, Win2k Server or Advanced Server should have no such limitations.

chuckg31 wrote: The reason I am going to run a linux server is because the computer I am using is an old AMD k6 233 Mhz with like 96mb of pc66 sd ram. Win 2k runs like crap on that, but linux without the gui runs great. I can also control the server remotely using real VNC and a program called Webmin. My objective is to have the server under a desk or in a closet where it's not in the way and I don't have to mess with it.

Well with Linux you may not have VNC without the GUI, but you can telnet or ssh in and control everything from the command line anywho. IMHO if you're setting up a web server for any sort of commercial venture, may I suggest one of the BSD's, especially OpenBSD, which I believe is the most secure.

Just my $0.02

Nurd

klinky · Post by **klinky** » Sun Aug 10, 2003 9:55 pm

There is no socket limit with Win2k. People connecting to your webserver are not users, they are connecting via a socket. There are upt to 65536 ports/sockets that could be used. Each one takes a bit of memory though and you probably can't have them all open.

There is really nothing preventing you from using all of them except memory and some applications need to be programmed in a certain way to use all those sockets properly.

Of course, I doubt you'd even need more than 16 - 32 max connections on a personal webserver. Unless you plan on swamping it:P. In which case you'd be shut down by the school ASAP ;P