PacketProtector- UTM in a wireless router

Discussion in 'other firewalls' started by ciscostu, May 19, 2007.

Thread Status:
Not open for further replies.
  1. ciscostu

    ciscostu Registered Member

    Joined:
    May 19, 2007
    Posts:
    2
    Dudes, please check out my router firmware project at http://packetprotector.org.

    It's built on top of OpenWrt and provides a bunch of security features-

    * a stateful firewall (iptables)
    * WPA/WPA2 Enterprise wireless (802.1X and PEAP with FreeRADIUS)
    * intrusion prevention (Snort-inline)
    * intrusion detection (Snort)
    * remote access VPN (OpenVPN)
    * content filtering/parental controls (Dansguardian)
    * web antivirus (DG + ClamAV)
    * a local certificate authority (OpenSSL)
    * secure management interfaces (SSH and HTTPS)
    * advanced firewall scripts for blocking IM and P2P apps
    * IP spoofing prevention (Linux rp_filter)
    * basic protocol anomaly detection (ipt_unclean)

    Thanks!
    Charlie
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Just wow :eek:
    How is it the performance?
     
  3. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Nice, top security for wireless router.
     
  4. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Interesting, but I find it hard to believe all of those features will run at the same time on a small router under $100. A PC with a PIII or better and 512 MB or more of RAM, sure, but those small things with 16-32 MB of ram and <500MHz procs, I don't know. If it does, that is quite nice and openwrt is a great firmware, so the best of luck.

    Cheers,

    Alphalutra1
     
  5. ciscostu

    ciscostu Registered Member

    Joined:
    May 19, 2007
    Posts:
    2
    @lucas1985
    Performance is quite good. I don't have any empirical data to point you to, but in general it doesn't affect the user experience (assuming your network consists of a handful of clients sharing a broadband pipe).

    @Meriadoc
    Thanks!

    @Alphalutra1
    The routers have 32MB plus 64MB of swap on a USB 2.0 drive. The applications have been configured with a careful eye on resource consumption.

    For example, there are less than 500 Snort(_inline) signatures active in the base build, but it's enough to cover recent client vulns. And the AV scanner doesn't queue files larger than 2MB.

    :)
    Charlie
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.