Figuring out what kind of firewall works best for your situation is never a sweatless task. For a[n] [un]lucky few, it's a no-brainer. However, in my case I decided that a firewall needs to do more than just block a few ports. Nowadays, with the advent of malware and hackers getting into systems via web browsers, it's easier than ever for identity thieves to strike. So, we need something that will actually work by not only blocking, but alerting us to violations that slip past through ports 80 and 443. We need a way to identify web traffic, as it can pass through any port. We also need to determine if the information passing through it is of a certain nature.
If little Johnny is researching his school project, it wouldn't be very productive if he got distracted by visiting other websites. Indeed, a parent walking in on a situation should have some foresight to what's really going on. These days, teenagers have more than enough stress to worry about. The less stressed the parents are, the easier it is on the kids. But, we also want to make sure that they know who is in charge. Kids should be able to feel a form of freedom to explore and express themselves. It is easy for that to become a problem. Even if the problem has already occurred, it's not too late to get a remedy in place. Being pro-active is one of the hardest things a parent can do, since the situation can go sideways in a split second.
So, in my previous blog post, I introduced the concept of using a Raspberry Pi computer to act as a firewall. Many iterations of this have been successfully implemented. One of my favorites is called the PiWall.
EDIT: It turned out the instructable was just a copy & paste ripoff of the original blog, and so won't be linked to any further.
In this case, I've made some modifications to the base system. Since I use flash drives in lieu of hard drives in order to save energy and produce less heat, I've replaced all instances of the Extended Filesystem with Samsung's Flash Friendly Filesystem, or F2FS. Furthermore, some easy filesystem performance tests prove beyond a shadow of a doubt of Samsung's commitment to the Open Source Community. In practice, some sequences that once produced lag in EXT4 now provide results instantaneously. Your Mileage May Vary (YMMV), but overall I am happy with the results.
Until the next update...
No comments:
Post a Comment