Hi,
I'm finnally thinking of moving up to one of the local broadband providers. We've had two for a while, however neither company is particularly the type I'd like to do business with so I've held out as long as I could, but this 56.6kbps connection is starting to get really s-l-o-w. Anyway, at the same time I'd like to build up a network of my more recent computers (Pentium class and up) to (a) share the connection and (b) provide file sharing capacity. So, with that said I have a choice in how exactly to go about implementing the network and especially the security/routing to the outside world. Running the wiring shouldn't be a problem, so I really have no interest in 802.11 wireless stuff. The way I see it, this basically leaves me with three choices:
1) Buy a dedicated hardware router/firewall unit - the simplist and most obvious answer, consumes little power and doesn't require any cooling (ie quiet). It is also less to maintain, and being a much simpler device means that there are less things to potentially break down. Additionally, most of these units rely simply on the nature of NAT to protect the network, and as I understand it, aren't really firewalls.
2) Repurpose one of my old 486-class machines - removes any cost, asside from a second ISA network controller and a little more memory. It also provides me with theoretically better security, a lot more control over the network and the system as well as additional capabilities. Finnally, it will provide me with a dedicated Linux machine to play around with. The problem is that most of these older machines are big, use a lot of power and are quite noisy (while it is completely passively cooled, the old harddrives were never really built with noise considerations). All of the >=pentium machines other than my main workstation are laptops, so none of them can be repurposed for the task - and I am a little worried about the slow speed of these boxes.
3) Build a new machine - without having to worry about video cards, monitors, large HDDs, the machine should potentially be rather inexpensive. Getting a motherboard with a lot of integrated features (video, ethernet, etc.) could also help cut down potential costs. Additionally, going with a slower, older PIII processor and PC100 memory could drag down prices quite a bit - as well as allow for passive cooling on the processor. This would provide me with more power than the 486s, and hence more flexibility and the ability to add additional features (eg use it as the SMTP server instead of the ISP, provide simple FTP service for transfering files, internal Web service for testing PHP scripts, etc.). Also, with quieter modern HDDs (5400rpm units) and modern power saving, it could potentially run a lot quieter and consume a lot less power than the 486s.
Any suggestions, or alternate options. I'd like to go for (3), but just have to figure out what kind of machine I can afford, and if I can build something stable enough for this service. I'm thinking I should be able to build a simple P3/400MHz/256MB/10GB machine for not too much coin - just a matter of how stable it would be. Anyone have suggestions for parts? As for the 486 option, I'd have to figure out which machine to do it with. I have a few, the two bigger ones are a 486/66 with an IDE disk subsystem (800MB) and a 486/33 with a SCSI subsystem (1.2GB). I can move the memory between them, as well as buy more - however I can't move the SCSI drives to the 66MHz box (SCSI card is EISA, 66MHz machine only has ISA slots).
I know the simple thing to do would be to just buy the prebuilt units, however I feel the computer based options would provide me with some valuable learning options - and naturally I like to tweak with things, and the routers don't really provide that However, asside from the interest and cost differences - do the Linux firewall/routing packages offer any better/worse security if setup properly? Naturally computer-based solutions would offer more protection features, but they are also a lot more complex than their dedicated breathren - and hence more open to vulnerabilities.
I appreciate any help you can provide
I'm finnally thinking of moving up to one of the local broadband providers. We've had two for a while, however neither company is particularly the type I'd like to do business with so I've held out as long as I could, but this 56.6kbps connection is starting to get really s-l-o-w. Anyway, at the same time I'd like to build up a network of my more recent computers (Pentium class and up) to (a) share the connection and (b) provide file sharing capacity. So, with that said I have a choice in how exactly to go about implementing the network and especially the security/routing to the outside world. Running the wiring shouldn't be a problem, so I really have no interest in 802.11 wireless stuff. The way I see it, this basically leaves me with three choices:
1) Buy a dedicated hardware router/firewall unit - the simplist and most obvious answer, consumes little power and doesn't require any cooling (ie quiet). It is also less to maintain, and being a much simpler device means that there are less things to potentially break down. Additionally, most of these units rely simply on the nature of NAT to protect the network, and as I understand it, aren't really firewalls.
2) Repurpose one of my old 486-class machines - removes any cost, asside from a second ISA network controller and a little more memory. It also provides me with theoretically better security, a lot more control over the network and the system as well as additional capabilities. Finnally, it will provide me with a dedicated Linux machine to play around with. The problem is that most of these older machines are big, use a lot of power and are quite noisy (while it is completely passively cooled, the old harddrives were never really built with noise considerations). All of the >=pentium machines other than my main workstation are laptops, so none of them can be repurposed for the task - and I am a little worried about the slow speed of these boxes.
3) Build a new machine - without having to worry about video cards, monitors, large HDDs, the machine should potentially be rather inexpensive. Getting a motherboard with a lot of integrated features (video, ethernet, etc.) could also help cut down potential costs. Additionally, going with a slower, older PIII processor and PC100 memory could drag down prices quite a bit - as well as allow for passive cooling on the processor. This would provide me with more power than the 486s, and hence more flexibility and the ability to add additional features (eg use it as the SMTP server instead of the ISP, provide simple FTP service for transfering files, internal Web service for testing PHP scripts, etc.). Also, with quieter modern HDDs (5400rpm units) and modern power saving, it could potentially run a lot quieter and consume a lot less power than the 486s.
Any suggestions, or alternate options. I'd like to go for (3), but just have to figure out what kind of machine I can afford, and if I can build something stable enough for this service. I'm thinking I should be able to build a simple P3/400MHz/256MB/10GB machine for not too much coin - just a matter of how stable it would be. Anyone have suggestions for parts? As for the 486 option, I'd have to figure out which machine to do it with. I have a few, the two bigger ones are a 486/66 with an IDE disk subsystem (800MB) and a 486/33 with a SCSI subsystem (1.2GB). I can move the memory between them, as well as buy more - however I can't move the SCSI drives to the 66MHz box (SCSI card is EISA, 66MHz machine only has ISA slots).
I know the simple thing to do would be to just buy the prebuilt units, however I feel the computer based options would provide me with some valuable learning options - and naturally I like to tweak with things, and the routers don't really provide that However, asside from the interest and cost differences - do the Linux firewall/routing packages offer any better/worse security if setup properly? Naturally computer-based solutions would offer more protection features, but they are also a lot more complex than their dedicated breathren - and hence more open to vulnerabilities.
I appreciate any help you can provide