Maintaining a home or small business network can be a huge hassle these days with so many devices that interact by wireless, Ethernet and from the Internet. You may have gaming consoles, multimedia centers, laptops, servers and workstations all needing a stable network setup. Now you could easily go buy a Linksys (w/DD-WRT of course) or DLink router, and configure it for your needs, I would recommend this for the standard user but if you want a DIY project to add advanced features and monitoring to your network I would suggest something more. In the past I would have used a open source project called IPCop (Simple IPTables packet filtering firewall), which has worked great in many deployments for small businesses I have consulted with, and as well as for my home network.
Recently however I had noticed the community and project had started to become slightly neglected, and as well was catering mainly to a German audience. So I went out in search of alternatives, I discovered several solutions that seemed promising including Smoothwall and M0N0wall, but they were still lacking many of the features of IPCop. I then took a closer look at the IPCop community and discovered a branch off IPCop that was being updated, offering both commercial versions but as well keeping an open source version. The software was called Endian and I am now using the community version that took much of the IPCop base, updated it and included a new, slicker web interface.
Sample of features:
- Multiple Uplinks (Bonus if you have a backup ISP connection)
- Updated and slick web interface
- Same graphs as IPcop, showing system/network load, current connections, services, etc
- Easy DHCP management features
- Dynamic DNS integration
- ClamAV scanning of downloads
- Traffic Shaping
- Snort Integration
- NTop Integration
- Port forwarding and network partitioning
- SIP, HTTP, DNS Proxy with content filter
- OpenVPN integration, IPSec VPN support
- Lots of Logging options
Having SNORT/NTOP integrated makes troubleshooting issues simple, analyze the traffic and easily block problem traffic. Outbound firewall configuration is super easy as well for keeping certain users from using unsupported services such as bittorrent, just allow http/s with content filtering and you got a simple net nanny type setup.
Checkout Endian at http://www.endian.com/en/community/overview/
Do you currently have or need an inventory of devices on your network, including every detail about these devices? Well, if you have windows running on your workstations, then powershell could be of use. Powershell is now a built-in feature in Windows 7 and Server 2008R2, telling me it will be the standard for running custom data mining and management scripts.
Powershell gives you an object oriented scripting language that allows for easy manipulation of data, for example where we are talking about getting device info, we can create a new WMI object that contains all the data about a computers BIOs very easily.
PS C:\Documents and Settings\sysjared> $objBIOS = get-wmiobject -class Win32_BIOS
PS C:\Documents and Settings\sysjared> $objBIOS
Version : DELL – 7
Have you ever wanted to get a simple output of all the computer objects in active directory? This is a fairly simple task with Powershell, recently I wanted to output all computer objects and the attributes that associated with them for use in a tree structured menu. Below is the script that I created, (can only dump 1000 entries at a time)
$strFilter = "(&(objectCategory=Computer))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$computerObjects = $objSearcher.FindAll() | foreach {
$name = [String]$_.Properties.cn
}
$name