So I thought I would tell you about a fairly new router firmware. This is not going to be an uber geek post, just a quick overview and my thoughts.
I like to play with new firmwares on my router. I have played with most stock firmwares, DDWRT, Tomato, and a few others. However; one day while looking for Vlan support on my Linksys WRTSL54GS I came across PacketProtector. I was intrigued, and thought I'd give it a go.
The folks that run the forum were very supportive and helpful when I ran into some Vlan problem and helped me as much as they could. Unfortunately no matter what I did or tried I could not get Vlan to work. However that was about a year ago, and here we are today!
PacketProtector is built on top of OpenWRT and aims for and easy and intuitive network security OS for a few different types of routers. PacketProtector is still in its infancy and has only been around for a few years with only a hand full of developers.
Considering the lack of users and developers that the packetprotector community has, the project has not slowed down one bit. They continue to push the security bar and have continued bug fixes, development, enhancements, and releases with loyal dedication some larger projects wish they had.
Installation is easy as you can tell by their documentation.
On my WRTSL54GS it was as simple as uploading the Packetprotector .bin file to the administrative "Upgrade Firmware" interface on tomato.
Side Note:
Before I installed PP, I did a backup of my routers config so if need be I could revert back to my original settings.
I eventual went back to Tomato just to test a few things out. (Just to see how easy it would be to revert back to tomato)
To get to back Tomato all I did was go to "system-Upgrade" in PP and uploaded the tomato.trx file. Once that was complete I uploaded tomato for the WRTSL54GS .
Now once I did that, I noticed something funny. All my original configurations were still there...nothing was lost or changed. This in theory could cause problems. It may be a good idea to do a system rest or clear the NVRAM on the router before installing PP.
Packetprotector by default is set with security in mind and automatically has https enabled at install, and has wireless disabled.
Once you log onto the Packet Protector Webif you will be greeted with a message stating "Default password hash Found!" With a link to change the password. However you should install the USB drive before you do anything.
So per the documentation we add the files from the USB tarball to the root of the drive. (Drive needs to be formatted Fat16, or ext3). So in the root of the drive you should have a "packetetprotector" directory and a "packetetprotector_home" directory.) From there we "turn off" the router and install the USB Drive. Once that is complete turn the router back on and wait for it to boot.
As you can see Packet Protector aims for a user friendly webif but falls short here for any noob. However if its power and control you seek its all right there under the hood! Packet protector allows you to install new packages (need to be connected online for that) and uses Opendns by default.
As you can see from the description from the main site this is not an average firmware.
a stateful firewall (iptables)
WPA/WPA2 Enterprise wireless (802.1X and PEAP with FreeRADIUS)
intrusion prevention (Snort-inline)
remote access VPN (OpenVPN)
content filtering/parental controls (DansGuardian)
web antivirus (DG + ClamAV)
a local certificate authority (OpenSSL)
secure management interfaces (SSH and HTTPS)
advanced firewall scripts for blocking IM and P2P apps
IP spoofing prevention (Linux rp_filter)
basic protocol anomaly detection (ipt_unclean)
anti-phishing (OpenDNS)
automatic signature/rule updates
Each of these services is automatically bootstrapped and configured with sensible defaults. A secure web interface makes common configuration tasks as simple as a point and click.
Not too bad ha....? Packet Protector has lots to offer for any security geek out there. However I would say noob's may want to hold off on this one for a while.
As with all things good there are a few downers. As I mentioned before the web interface needs a lot of work and may confuse or be difficult for a noob. There are also some things I'd like to see added to the Webif such as an easy way of turning the router into a secure proxy, add-blocking with a black and white list, an option for DNSOmatic in the dynDNS tab, as well as multiple DHCP servers for Vlans.
As of writing this there is currently a discussion going on about the Webif being updated. Feel free to join in!
In closing Packetprotector has major potential to be a major player in the 3rd party router firmware world. They could be a big hitter among security geeks everywhere, but could user a bigger developer and user base to get there. I look forward to being part of that community and hope you will join me.
No comments:
Post a Comment