PacketProtector- UTM in a wireless router

Discussion in 'other firewalls' started by ciscostu, May 19, 2007.

Thread Status:
Not open for further replies.
  1. ciscostu

    ciscostu Registered Member

    Joined:
    May 19, 2007
    Posts:
    2
    Dudes, please check out my router firmware project at http://packetprotector.org.

    It's built on top of OpenWrt and provides a bunch of security features-

    * a stateful firewall (iptables)
    * WPA/WPA2 Enterprise wireless (802.1X and PEAP with FreeRADIUS)
    * intrusion prevention (Snort-inline)
    * intrusion detection (Snort)
    * remote access VPN (OpenVPN)
    * content filtering/parental controls (Dansguardian)
    * web antivirus (DG + ClamAV)
    * a local certificate authority (OpenSSL)
    * secure management interfaces (SSH and HTTPS)
    * advanced firewall scripts for blocking IM and P2P apps
    * IP spoofing prevention (Linux rp_filter)
    * basic protocol anomaly detection (ipt_unclean)

    Thanks!
    Charlie
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Just wow :eek:
    How is it the performance?
     
  3. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Nice, top security for wireless router.
     
  4. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Interesting, but I find it hard to believe all of those features will run at the same time on a small router under $100. A PC with a PIII or better and 512 MB or more of RAM, sure, but those small things with 16-32 MB of ram and <500MHz procs, I don't know. If it does, that is quite nice and openwrt is a great firmware, so the best of luck.

    Cheers,

    Alphalutra1
     
  5. ciscostu

    ciscostu Registered Member

    Joined:
    May 19, 2007
    Posts:
    2
    @lucas1985
    Performance is quite good. I don't have any empirical data to point you to, but in general it doesn't affect the user experience (assuming your network consists of a handful of clients sharing a broadband pipe).

    @Meriadoc
    Thanks!

    @Alphalutra1
    The routers have 32MB plus 64MB of swap on a USB 2.0 drive. The applications have been configured with a careful eye on resource consumption.

    For example, there are less than 500 Snort(_inline) signatures active in the base build, but it's enough to cover recent client vulns. And the AV scanner doesn't queue files larger than 2MB.

    :)
    Charlie
     
Thread Status:
Not open for further replies.