Results 1 to 10 of 10

Thread: machine spec to run pfsense

  1. #1
    RIP Peterb ik9000's Avatar
    Join Date
    Nov 2009
    Posts
    7,743
    Thanks
    1,849
    Thanked
    1,442 times in 1,065 posts
    • ik9000's system
      • Motherboard:
      • Asus P7H55-M/USB3
      • CPU:
      • i7-870, Prolimatech Megahalems, 2x Akasa Apache 120mm
      • Memory:
      • 4x4GB Corsair Vengeance 2133 11-11-11-27
      • Storage:
      • 2x256GB Samsung 840-Pro, 1TB Seagate 7200.12, 1TB Seagate ES.2
      • Graphics card(s):
      • Gigabyte GTX 460 1GB SuperOverClocked
      • PSU:
      • NZXT Hale 90 750w
      • Case:
      • BitFenix Survivor + Bitfenix spectre LED fans, LG BluRay R/W optical drive
      • Operating System:
      • Windows 7 Professional
      • Monitor(s):
      • Dell U2414h, U2311h 1920x1080
      • Internet:
      • 200Mb/s Fibre and 4G wifi

    machine spec to run pfsense

    Internet started getting really slow. Then we saw the router winking away when all our machines were turned off. Did some digging and found not one but two rogue machines on my wireless. Have changed all the settings and put on a much more substantial password, but think this is time to look at doing something I'd thought about a while ago: pfsense.

    Can anyone help spec me a machine purely to run as a server for pfsense and manage all the network/WAN traffic. We have a decent fibre optic internet connection, and between 2-4 machines on wireless, 1-2 on LAN. Depending on who's in.

    The machine needs to sit in the lounge so something quiet is essential.

  2. #2
    Jay
    Jay is offline
    Gentlemen.. we're history Jay's Avatar
    Join Date
    Aug 2006
    Location
    Jita
    Posts
    8,365
    Thanks
    304
    Thanked
    568 times in 409 posts

    Re: machine spec to run pfsense

    I used an Atom 230 cpu with 1gig of ram and that was overkill!
    □ΞVΞ□

  3. #3
    <<== UT3 Player spoon_'s Avatar
    Join Date
    Nov 2008
    Location
    London
    Posts
    2,071
    Thanks
    113
    Thanked
    139 times in 131 posts

    Re: machine spec to run pfsense

    Its not worth to put a fully fledged PC to act as a router... Leccy bill will tell you why.

    Look at Alix boards, I would anyway if I was thinking of pfsense.

  4. Received thanks from:

    ik9000 (05-10-2011)

  5. #4
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: machine spec to run pfsense

    From what you have posted, pfsense won't solve the problem of people using your wi-fi link.

    Strong passwords, encryption (more of a privacy issue than authentication, but still helps) and (if your router supports it) VLAN over the link, will help solve your problem without using a separate firewall.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  6. Received thanks from:

    ik9000 (05-10-2011)

  7. #5
    Banned
    Join Date
    Jun 2008
    Posts
    2,129
    Thanks
    13
    Thanked
    189 times in 160 posts

    Re: machine spec to run pfsense

    Quote Originally Posted by peterb View Post
    From what you have posted, pfsense won't solve the problem of people using your wi-fi link.

    Strong passwords, encryption (more of a privacy issue than authentication, but still helps) and (if your router supports it) VLAN over the link, will help solve your problem without using a separate firewall.
    Agreed, you can make your wireless network secure, but you cant stop people from DOSing it.

    Depending on your router, I would do both strong encryption/passwords AND mac based filtering so nothing in the mac table got more than 10k down 1k up.

    That way you can give you key to anyone and even if they abuse it, it wont really matter.

  8. Received thanks from:

    ik9000 (05-10-2011)

  9. #6
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,232
    Thanked
    2,290 times in 1,873 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 2x 4GB DDR4 2666
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: machine spec to run pfsense

    Surely you can just have your router refuse access to anything not in the mac filter table? It's a minor annoyance when someone wants to connect a new device to the network legitimately, but surely that's better than having any old scamp on the wireless...


    "Your MACs not down, you're not coming in!"

  10. Received thanks from:

    ik9000 (05-10-2011)

  11. #7
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: machine spec to run pfsense

    mac filtering is a good add on, but mac addresses can be spoofed. It all depends on how determined the attacker is. If it is a determined, targetted attack, you will need some fasirly sustantial countermeasures; if it is a casual attack just to use your internet connection, then simpler countermeasures will be OK. All comes down to risk assessment/management, and the trade off between ease of use/administration, and security.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  12. Received thanks from:

    ik9000 (05-10-2011)

  13. #8
    RIP Peterb ik9000's Avatar
    Join Date
    Nov 2009
    Posts
    7,743
    Thanks
    1,849
    Thanked
    1,442 times in 1,065 posts
    • ik9000's system
      • Motherboard:
      • Asus P7H55-M/USB3
      • CPU:
      • i7-870, Prolimatech Megahalems, 2x Akasa Apache 120mm
      • Memory:
      • 4x4GB Corsair Vengeance 2133 11-11-11-27
      • Storage:
      • 2x256GB Samsung 840-Pro, 1TB Seagate 7200.12, 1TB Seagate ES.2
      • Graphics card(s):
      • Gigabyte GTX 460 1GB SuperOverClocked
      • PSU:
      • NZXT Hale 90 750w
      • Case:
      • BitFenix Survivor + Bitfenix spectre LED fans, LG BluRay R/W optical drive
      • Operating System:
      • Windows 7 Professional
      • Monitor(s):
      • Dell U2414h, U2311h 1920x1080
      • Internet:
      • 200Mb/s Fibre and 4G wifi

    Re: machine spec to run pfsense

    Quote Originally Posted by peterb
    It all depends on how determined the attacker is. If it is a determined, targetted attack, you will need some fasirly sustantial countermeasures; if it is a casual attack just to use your internet connection, then simpler countermeasures will be OK.
    Well that's the problem. We had hidden the SSID, used WPA2 TKIP and a 10-digit password (mix of characters + Symbols, not a word) and they still got on, so yes I think it's fair to say they're a bit determined. We've changed the SSID, quick pin codes (whatever they're for - can I deactivate these?) and password, plus i blocked the rogue mac addresses but if it is as simple as people say to mask the mac with a spoof one then it doesn't seem I can really do anything else.

  14. #9
    RIP Peterb ik9000's Avatar
    Join Date
    Nov 2009
    Posts
    7,743
    Thanks
    1,849
    Thanked
    1,442 times in 1,065 posts
    • ik9000's system
      • Motherboard:
      • Asus P7H55-M/USB3
      • CPU:
      • i7-870, Prolimatech Megahalems, 2x Akasa Apache 120mm
      • Memory:
      • 4x4GB Corsair Vengeance 2133 11-11-11-27
      • Storage:
      • 2x256GB Samsung 840-Pro, 1TB Seagate 7200.12, 1TB Seagate ES.2
      • Graphics card(s):
      • Gigabyte GTX 460 1GB SuperOverClocked
      • PSU:
      • NZXT Hale 90 750w
      • Case:
      • BitFenix Survivor + Bitfenix spectre LED fans, LG BluRay R/W optical drive
      • Operating System:
      • Windows 7 Professional
      • Monitor(s):
      • Dell U2414h, U2311h 1920x1080
      • Internet:
      • 200Mb/s Fibre and 4G wifi

    Re: machine spec to run pfsense

    Quote Originally Posted by peterb View Post
    From what you have posted, pfsense won't solve the problem of people using your wi-fi link.

    Strong passwords, encryption (more of a privacy issue than authentication, but still helps) and (if your router supports it) VLAN over the link, will help solve your problem without using a separate firewall.
    I'm a novice when it comes to networking stuff - what's VLAN?

  15. #10
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: machine spec to run pfsense

    virtual lan - supported by Draytek, (and maybe others) and requires a username and password to log into the router (on top of any link encryption etc)

    http://www.draytek.co.uk/support/kb_vigor_vlan.html gives the details for wired ports, but the same principle can be applied to the wireless port.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  16. Received thanks from:

    ik9000 (07-10-2011)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Memory Size incorrect on cold boot
    By Chanfron in forum SCAN.care@HEXUS :: After sales support
    Replies: 24
    Last Post: 20-09-2011, 06:21 PM
  2. Suggestions on suitable 3XS Machine Spec for Audio/General Family PC
    By Neil Porter in forum SCAN 3XS Systems Support
    Replies: 7
    Last Post: 15-07-2010, 11:07 AM
  3. Replies: 36
    Last Post: 17-07-2008, 06:24 PM
  4. Windows DLL missing?
    By pritsey in forum Software
    Replies: 18
    Last Post: 09-12-2007, 09:49 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •