Various sites have reported that BigBro has placed a 'backdoor' in all name brand routers, and that a homemade router is the best countermeasure. I would like advice on buying a cheap used computer, wiping its OS (along with any nasties it may contain), installing a Linux router/firewall distro like Untangle, pfSense, Smoothwall, etc., and configuring it. Unfortunately I have no prior experience with any of this, so regret you're dealing with a total beginner. On the plus side, since I know nothing about this, I have no preconceptions.
I use pfSense. Any fairly recent mini-PC with a dual-core CPU and PCIe v2 bus should work well. You only need 2GB RAM, and also only 2GB disk space. But you do need two NICs, and pfSense works best with Intel server NICs. You could use a 30GB Kingston SSD[0] for $37 and an Intel dual-port 1Gbps NIC[1] for $28. I recommend getting gold support from pfSense. It costs $99 and includes a PDF of their book pfSense: The Definitive Guide.
[0] http://www.amazon.com/Kingston-Notebooks-Ultrabooks-SMS200S3-30G/dp/B00DHWE3G0/
[1] http://www.amazon.com/Intel-1000-Dual-Server-Adapter/dp/B000BMZHX2/
Perhaps not what you are looking for, but I decided on using a Linksys router and replacing the firmware with DD-WRT. Link: What is DD-WRT? - DD-WRT Wiki
If you don't need loads of throughput, pfSense will do 50 Mbs on a P3 600EB with 512 megs of RAM, including the caching proxy function (3Gb hdd, Intel dual NICs).
Can this be easily altered to work with wired routers? Regret I do not use anything wireless. Your link mentions "DD-WRT is a third party developed firmware released under the terms of the GPL for many IEEE 802.11a/b/g/h/n wireless routers based on a Broadcom or Atheros chip reference design."
I was thinking more along the lines of buying an old cheap used PC, and just adding an extra Intel NIC, then reusing everything else (after wiping the HDD). Not sure just what sort of PC to look for. I was hoping for a small sort, but heard that to accommodate two NICs requires a mid to full-size tower. It's stuff like this I need to know. I'll put down "2GB RAM, and also only 2GB disk space" on my list of requirements. Thanks for the info. I already have the Intel NICs. Any other requirements for a used PC? Am I correct to assume I can safely wipe and re-use the HDD or do I absolutely have to get a new hard disk?
Sorry but I'm too inexperienced to understand much of this. I plan to use Sonic.net DSL. I assume this is gigabit ethernet speed...at least that is the sort of NICs I got. Can pfSense handle that? I've seen it said on other forums that pfSense is hard to install and configure for newbies. True or false?
I recommend at least a dual-core CPU. Also, the PCIe bus and NIC need to match. PCIe v1 cards may not work on a PCIe v2 bus, and vice versa. Yes, you can wipe the disk. I was just impressed that such small SSDs were so inexpensive. I doubt that disk throughput has much effect on network throughput.
No, Sonic.net DSL is nowhere near gigabit: http://www.speedtest.net/isp/sonic-net But that only affects Internet access. Local traffic, between devices on LAN, is 1Gbps aka 1024Mbps, which is 75 times Sonic.net's average download speed. I've seen pfSense VMs running on one CPU core with ~300MB RAM handle ~30 Mbps OpenVPN traffic. OpenVPN adds encryption/decryption overhead. As I recall, some pfSense users reported ~1Gbps throughput with Google as ISP. I'm sure that there are speed threads on the pfSense forum. If you just want a basic router setup, it's trivial. By default, all outgoing traffic from LAN to WAN to the Internet is allowed, and only established traffic on WAN is allowed to LAN, with all new incoming blocked. The webGUI configuration menu is very extensive, but also well documented. I find it much less confusing than *WRT menus. But there is stuff in there that only enterprise networks would ever use, and you can ignore it all.
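
The default policy described in the post above, as a small Python model. This is an added example, not part of the original thread and not pfSense's own code; NAT, TCP flags and state timeouts are left out, and the class, field and function names are assumptions made for illustration.

```python
# Simplified model of a stateful "allow out, block new in" policy.
# Illustrative only: names are hypothetical, and NAT/timeouts are omitted.
from typing import NamedTuple


class Packet(NamedTuple):
    iface: str   # interface the packet arrives on: "lan" or "wan"
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    def __init__(self):
        self.states = set()  # flows that were opened from the LAN side

    def filter(self, p: Packet) -> str:
        if p.iface == "lan":
            # Outgoing traffic is allowed and leaves a state entry behind.
            self.states.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "pass"
        # On WAN, only the exact mirror of a recorded flow counts as
        # "established"; everything else is a new inbound connection.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.states:
            return "pass (established)"
        return "block"


def demo():
    fw = StatefulFirewall()
    # Constructed sample traffic using documentation address ranges.
    packets = [
        Packet("wan", "tcp", "203.0.113.9", 40000, "192.168.1.10", 22),
        Packet("lan", "tcp", "192.168.1.10", 51000, "198.51.100.7", 443),
        Packet("wan", "tcp", "198.51.100.7", 443, "192.168.1.10", 51000),
        # Same server, but aimed at a port the LAN host never used:
        Packet("wan", "tcp", "198.51.100.7", 443, "192.168.1.10", 51001),
        # Different host reusing the reply's ports:
        Packet("wan", "tcp", "203.0.113.9", 443, "192.168.1.10", 51000),
    ]
    return [fw.filter(p) for p in packets]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The last two packets show why "established" is matched on the full address and port tuple rather than on the remote host or the local port alone.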