Skip to main content

Smoothwall on Mini-ITX Board

Recently I saw a Hak5 episode that talked about building a high-performance router to increase the speed of your network connection.  

Darren mentioned that the cheap plastic routers might not be able to compete with a solidly built router, so I decided to give it a try to see if I could increase my network speed.  

I ordered a Mini-ITX board with a 1.65GHz CPU, 1GB of RAM, a 260GB 7200rpm SATA drive, and an Intel Pro 1000 PCI NIC to make my own router.  Here's a picture of the completed assembly:

I took this and installed SmoothWall 3.0 SP3 (incidentally, I had to use a CD-ROM to install it, as a flash drive made with NetUbootIn from the iso never would install correctly).  

Installation of SmoothWall wasn't as straightforward as I thought.  SmoothWall has different colors for different types of Interfaces.  For my use, Green was the LAN, and Red was the WAN.  There are no choices in the install menu to set up the Red interface, but there are 3 choices for Green:  Open, Half-Open, and Blocked (or something to that effect)  

I started with "Half-Open" on the Green (LAN) interface, as I thought that would allow any inbound connection that was previously established via an outbound connection (like going to Google).  However, this seemed to block all my attempts to access the Internet.  I tried to go into the web interface of the router to change this, but I didn't immediately stumble on how to do this, as you can really get into the nitty-gritty of configuring the router.  So I gave up and set the router to Open like Darren did on Hak5.

Just to be safe, I ran an nmap scan from the Red (WAN) interface to see if I could access either the router or any computers connected to the Green interface.  I was happy to see that even when green was set to Open, nmap reported all ports closed and the router didn't respond to pings.  

So I connected it up to my network and ran a speed test to see if I could get more speed with a really over-designed router.  After 10 speed tests, SmoothWall on my home-made router actually performed .19Mbps SLOWER than a Linksys router (average of 31.19Mbps with the Linkysys, 31.00Mbps with the Mini-ITX), even though the Mini-ITX was bare-bones configured, and the Linksys was running VPNs, IP-Table port forwarding, and other junk like that.  

So it is pretty clear to me that the little plastic routers do a great job keeping up with their demand, and I don't really need a super-router to act JUST as a router.   Thus, I'm going to repurpose the Mini-ITX as something else... likely as a Snort-Box.  Look for that in future blogs.

I should mention, that if you are looking for a configuration control enhancement vs a speed enhancement, SmoothWall is probably a great way to go.  It lets you configure TONS of stuff, is very flexible on the set up of different services/lan designs, it recognized my NICs easily and just seemed rock-solid as a finely-tuned router.  Here's a screenshot to show what the web set up (after it is installed) looks like:

So from a configuration perspective I was impressed.  It just didn't improve my speed, which was my initial goal.    


Popular posts from this blog

ADS-B plotting with Kali (and other SDR goodies)

Recently I wanted to try some Software Defined Radio stuff.   
I had a RTL-SDR, FM+DAB, DVB-T USB Stick Set with RTL2832U & R820T. that I got from:
But, even though this dongle would break out FM radio stations, and ATC frequencies (like the local Ground Control, tower, and even ATIS), which was cool, it wouldn't break out ADS-B.   
Thus, I bought a Vantech Green Mini RTL2832U R820T DVB-T SDR DAB FM USB DIGITAL TV Tuner Receiver RTL-SDR Project + DAB dongle Tuner MCX Input from Amazon, and tried this.  
This dongle was able to listen to the 1090MHz frequency required for ADS-B (as it goes from 25MHz to 1700MHz).  There were tons of Windows programs out there for breaking out and plotting ADS-B Mode S broadcasts, but not many for Linux.  
For Kali Linux, here's how I got it running and plotting planes around my home:
0) before you start, you should do an apt-get update to ensure you hav…

Beaglebone Black as a Wireless Intrusion Detection System (WIDS)

Recently I have been wanting a wireless IDS (WIDS) to detect nefarious wifi activity.  I also had a Beaglebone Black hanging around that I wanted to put to good use.   This seemed like a perfect match, and indeed it seems to be so!

I did some research on WIDSs, and although there is SUPPOSED to be several out there, nearly all that I seemed to find was commercial and Windows-based products, not something I could use myself.   
About the only exception to that rule was Kismet, so I decided to give that a try.  Kismet is supposed to work as a WIDS, and per its documentation should catch the following attacks:
Kismet supports the following alerts, where applicable the WVE (Wireless Vulnerability and Exploits, ID is included: AIRJACKSSID Fingerprint Deprecated The original 802.11 hacking tools, Airjack, set the initial SSID to 'airjack' when starting up. This alert is no longer relevant as the Airjac…

Temper Temperature monitor on a Beaglebone Black

Beaglebone Black as a temperature monitor:

Recently I wanted to monitor the temperature of my shed.  I thought I'd use a small computer such as a Raspberry Pi or a Beaglebone or Odroid.

My Raspberry Pi boxes were all in use, so I grabbed my Beaglebone, which was doing nothing.

I flashed it with the Debian9.32018-03-054GB SDIoTimage, but that seemed like it was running lots of bloatware and the ethernet interface wouldn't take a static IP with /etc/network/interfaces.

So I went with the Debian9.32018-01-284GB SDLXQTi image instead.  I still had the same problem, that lots of junk was running, and I couldn't configure my interface by modifying /etc/network/interfaces

So my first step was to get rid of all the bloatware.  If you're using a Raspberry Pi or something, you can skip this and just go to the second step below

STEP 1--Remove Blotatware from Beaglebone Black:

With some searching, I came across this post:…