Archive for March, 2008

Upgrade to an Open Source Firewall

Firewall companies have a little secret that they do not want you to know: most of their software is based on free open source software. What you pay the firewall companies for is the assembly of the software, an intuitive interface and professional technical support. And what they really want to keep a secret is the fact that several free firewall distributions also assemble the software and create an intuitive interface for free.
Using one of these free firewall systems will give you many great business class features without the hefty business class price tag. These firewalls are a perfect choice for small businesses on a shoestring budget.
Why Upgrade to Open Source?
Increased Bandwidth: Most home routers have enough horsepower for a standard cable or DSL connection, but may slow you down on new ultra-high-speed connections like Verizon’s FIOS or ATT’s Uverse.
Upgraded connection limits: A router has to track every connection that every computer on its network makes to the internet, and that number of connections can really add up as more computers are added to the network. Each of these connections has to be stored in the router’s memory, and small home routers typically don’t have a ton of memory. Applications like bittorrent that make thousands of connections to other computers on the internet can choke a router and make your internet connection feel slow.
Advanced Quality of Service (QoS): If your teenager is sucking up all of the bandwidth by downloading music and movies all day, finding a router that supports QoS or traffic shaping will help. It allows you to classify which internet traffic takes priority and to put all of your web surfing ahead of their downloads. This is especially helpful with applications like bittorrent that suck bandwidth and internet phones that don’t like latency.
Web access logging: Firewalls can track where users go on the internet and keep a log of it without the need to install software on every computer.
Web Content filtering: In addition to logging web traffic, some routers can dynamically block objectionable web traffic based on keywords or a database of known questionable websites. And there is no need to install filtering software on each individual PC.

Configuring and Using Secondary IP Addresses on Cisco Routers

In a perfect world, every subnet would have its own interface or vlan, but this is far from a perfect world. Most routers start out that way, but networks change or get merged and things get a little messier. Secondary IP addresses are a great way to extend the network without readdressing every workstation and printer. At the very least, secondary IP addresses on Cisco routers can make things smoother during an IP migration.

For example, configuring an IP address on a Cisco interface is simple.

router(config)#int vlan 1

router(config-if)# ip address 10.1.1.1 255.255.255.0

This will configure the vlan 1 interface with the IP address of 10.1.1.1.

By adding the following statement, we can place two addresses on the same interface.

router(config)#int vlan 1

router(config-if)# ip address 10.1.1.1 255.255.255.0

router(config-if)# ip address 10.1.2.1 255.255.255.0 secondary

Be sure not to miss the word secondary, or the primary IP address will be overwritten and traffic to that address will stop working. This is bad for users that use the primary address of 10.1.1.1 as their network gateway and especially bad if you are connected via telnet to the router, because you will lose access and have to console directly into the router to recover.

Now, the router will respond to the addresses of 10.1.1.1 and 10.1.2.1.

Users on each of the two subnets will never know that they are using the same interface.

The router will use the primary IP address to ping and traceroute unless you specify an address with an extended ping or traceroute command.

Secondary addresses can also be used in conjunction with DHCP superscopes. For instance, a DHCP server can be configured to assign available addresses from a pool of addresses in the 10.1.1.0 subnet and then, when that is depleted, go on to use addresses from the 10.1.2.0 subnet, as long as both addresses are configured on the same router interface as explained earlier. Note that the primary IP address of the router has to match the first range of the DHCP superscope configured on the DHCP server, or the server will not know which superscope to use and will not reply with an address.

The main negative in using secondary addresses is that they do not contain broadcasts and multicasts on that network. In most cases, the router and workstations can handle broadcasts from two or three subnets, but it is not a good idea to stack several subnets together on a single interface or the network will seem to slow down.
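The two pitfalls above (a missing secondary keyword that replaces the primary address, and too many subnets stacked on one interface) can be caught before a change is pasted into the router. The following pre-change check is an added example, not part of the original post; the function names, the three-subnet threshold and the sample text are assumptions, and interface names are compared only after lowercasing and removing spaces.

```python
import ipaddress
import re

PROMPT = re.compile(r"^\s*\S+?\(config[^)]*\)#\s*")   # e.g. "router(config-if)# "
IFACE = re.compile(r"^int\w*\s+(.+)$", re.I)           # "int vlan 1" / "interface Vlan1"
ADDR = re.compile(r"^ip address (\S+) (\S+)(\s+secondary)?$", re.I)

def parse(text):
    """Map interface name -> {'primary': addr or None, 'secondary': [addrs]}."""
    out, cur = {}, None
    for raw in text.splitlines():
        line = PROMPT.sub("", raw).strip()
        if m := IFACE.match(line):
            cur = m.group(1).replace(" ", "").lower()   # "vlan 1" and "Vlan1" -> "vlan1"
            out.setdefault(cur, {"primary": None, "secondary": []})
        elif (m := ADDR.match(line)) and cur:
            addr = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
            if m.group(3):
                out[cur]["secondary"].append(addr)
            else:
                out[cur]["primary"] = addr              # a later primary replaces an earlier one
    return out

def check_change(running, proposed, max_subnets=3):
    """Return warnings for a proposed change; max_subnets=3 is an assumed threshold."""
    before, after = parse(running), parse(proposed)
    warnings = []
    for name, new in after.items():
        old = before.get(name, {"primary": None, "secondary": []})
        if old["primary"] and new["primary"] and new["primary"] != old["primary"]:
            warnings.append(f"{name}: primary {old['primary']} overwritten by {new['primary']}")
        primary = new["primary"] or old["primary"]
        nets = {a.network for a in [primary, *old["secondary"], *new["secondary"]] if a}
        if len(nets) > max_subnets:
            warnings.append(f"{name}: {len(nets)} subnets share one broadcast domain")
    return warnings

# Constructed samples based on the article's addresses.
RUNNING = "interface Vlan1\n ip address 10.1.1.1 255.255.255.0\n"
SAFE = """router(config)#int vlan 1
router(config-if)# ip address 10.1.1.1 255.255.255.0
router(config-if)# ip address 10.1.2.1 255.255.255.0 secondary"""
UNSAFE = """router(config)#int vlan 1
router(config-if)# ip address 10.1.2.1 255.255.255.0"""

if __name__ == "__main__":
    print(check_change(RUNNING, SAFE))
    print(check_change(RUNNING, UNSAFE))
```
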

Order Pizza on your AppleTV

Unlike the iPod, the AppleTV certainly hasn’t been the marketing success that Apple hoped for but hackers sure love it.
From the day that the AppleTV shipped, hackers have dissected the diminutive media player and found ways to add cool and innovative features like playing new video formats, upgrading the hard drive and turning one into a fully working Mac OS X computer.
One modification enables you to order pizza directly from the AppleTV with just the remote control, perfect for the lazy college student that wants to order pizza without taking time to boot up their laptop computer.

What can a hacked AppleTV do?
Play various video formats in addition to MP4
Order pizza
Make Skype calls
Use a web browser
Run a full version of Mac OS X
Use a keyboard and mouse
Use an external hard drive
Enable file server and web server
Getting started with Hacking an AppleTV
The first hacks for the AppleTV involved a bit of surgery and exposure to AppleTV innards. The hard drive had to be removed, mounted into a USB hard drive enclosure and special software loaded from a Macintosh before re-installation back into the AppleTV. But the process has been refined to a no-screwdriver-required method. The Patchstick Method involves installing software on a USB flash drive and plugging it into the AppleTV’s USB port which Apple reserves for repairs. When the AppleTV boots up, the thumb drive automatically loads the software needed to connect remotely to the media player and install other modifications.
Why do hackers love the AppleTV?
Apple’s media player is the perfect piece of computer hardware. First, it’s smaller than even a Mac Mini, uses low power, is quiet and is relatively inexpensive compared to other media center computers. Additionally, the AppleTV has the right video connectors to hook to a new HD TV and a remote control. Underneath the hood, the AppleTV is really a single board computer with a relatively powerful processor running an interface program called Back Row. Hackers only needed to enable the parts of Mac OS X that Apple had hidden and then they had a full computer to load whatever software they wanted. Once one of the media players has been modified to run an unrestricted copy of Mac OS X, the AppleTV becomes the least expensive Macintosh available, coming in at nearly half the price of a Mac Mini.
This probably voids the warranty
Apple will make little effort to make sure that future software updates to the AppleTV do not break any modifications, so owners of modified AppleTVs may not be able to take advantage of new features and bug fixes provided by Apple. But then again, there’s always a new hack out. Check out AppleTVhacks for an ongoing list of hacks, modifications and How-To’s.