[SOLVED] prolecti vs qotom FW/minipc

Oct 23, 2019
Just curious what your thoughts and opinions are. Obviously Qotom out-specs prolecti. But I know several ppl who are very very happy with the prolecti no-name models, such as /Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07FKMJGD6

  • Intel Quad Core Celeron J3160, 64 bit, up to 2.2GHz, AES-NI hardware support
  • 4x Intel i210 Gigabit Ethernet ports
  • 4GB DDR3L RAM, 32GB mSATA SSD
  • 2x USB 3.0, 1x RJ-45 COM, 2x HDMI
  • Solid State, Fanless Silent Operation, Compatible with many Open Source Software distributions
Specs in case links don't work. I'm building a whole new home perimeter and would like to hear your thoughts. Are the Chinese Qotoms really a better piece of hardware? Haven't seen many reviews.
 
Oct 23, 2019
For what it's worth, I will likely run pfsense. Possibly Sophos home edition only because I have experience managing the Sophos enterprise UTM setups, but I have a lot of separate needs (12 PCs, study cybersecurity and pentesting, have an off an entire DAW that I'd like to keep offline almost always, most PCs run different types of Linux, lots and lots of VMs, and then of course 3 roommates that care zero about security, and in fact I've discovered their network they share on a private network is so filled with rootkits wrapped up in autorunners, the Win APIs and registry have been drastically altered, and currently on my Asus ac3100, managed switch and access netgear r8000 as an AP I'm running a basic wired on a public network with almost all networking disabled vs wireless VLAN setup where I am the wired and the breached roommates are the wireless. I have already identified all of their wrapped files, and documented their registry changes. Their breach has reached 'excellent' rate elevation. I've already taken my own time outside of work to nice backup their HDDs, and will be full factory resetting once my firewall arrives and am looking into setting up some pretty complex VLANs on my end.

A second comment question- anyone find it useful running extra IDS/IPS by running a dedicated machine like logalyze etc? I know there are fancy turnkey IPS stuff like untangle etc.. but free is... ya know, free!
 
It really depends on how much traffic you run. It also depends on how many open sessions you expect.

For home use any firewall is pretty much overkill. As long as you do not set port forwarding rules no traffic from the internet can get to your machines. The NAT function will only allow traffic to return which is always the best firewall rule to have.

After this the only use of a firewall would be to try to limit content from internal machines. For example blocking netflix or something.

IPS/IPS are mostly used when you have an actual server exposed to internet. Almost nobody runs a web server from their house. Even small businesses have moved this to hosting sites.

Now if you are just looking for a toy to play with it really doesn't matter a lot. Then again if you have a very fast internet connection you can still exceed the CPU if you put in too many fancy rules.
 
Oct 23, 2019
I run a small business outside of my residence, including simple PC repair/web design/and also occasionally act as an apprentice for setting up SOHO networks. The rules per our ISP explicitly say 1 network per residence. I mention I run 12 PCs in total (many are old dual Linux OSes that I use for workstation studies which stay in their own little world for the most part, yes). It is absolutely integral that I provide any customers a safe workplace. The biggest issue is my roommates constantly having network breaches. I'm not sure how familiar you are with pentesting. But pivoting around a network once inside is not rocket science if you have a little bit of pentesting experience. So sharing a network and running a side business (I have my A+, CEH v9, and currently studying for my CompTIA Security+) IS a pretty serious task considering the attackers that have gotten through in the past. And let me tell you, they were not very skillful, mostly copy/paste script kiddies and botnets who leave all of their footprints behind. But I may not always get so lucky, thus the idea of running something with IDS is a fairly serious one, at least to me. I will tell you that I have dealt with over 4 breaches over the last 2 years. All most likely from SE phish emails, or porn drive-bys.

Learning is of course a part of everything. But this is far from a toy, it is more stress and frustration. However, I do agree with your premise in most general cases.

EDIT:

"IPS/IPS are mostly used when you have an actual server exposed to internet. Almost nobody runs a web server from their house. Even small businesses have moved this to hosting sites."

Apparently you haven't been keeping up with the current exploit-db. One very effective exploit at the moment is running malicious websites from a server windows network in something like a super generic 'about me' page RCEs and other in various web code exploits are running right through not only Windows Defender, but Kaspersky, malware etc! I kid you not, this is a very recent discovery ;P
 

Ralston18

Titan
Moderator
@wiredsharks

Overall, your comments and tone are pushing Forum rules and policies.

With all due respect to @bill001g (rightfully deserved) I am moving this thread to Opinions and Experiences.

The issues and relevant discussions may be carried on as you all deem applicable.

Or someone else may relocate the threads post. Or even close the post if and as that becomes applicable.
 
Oct 23, 2019
@Ralston18 I am new, I apologize. I am not sure what rules I broke, but bill responded as if I was just a kid playing with toys and nothing more. Obviously, the 2 firewalls are both going to get the job done more than enough in a household or even small business. But being intrigued by the price point of the Qotoms, I was curious as to others' experiences. As we all know, PC specs can grow obsolete quickly, so with all due respect I don't think there's anything wrong about asking about the quality of stronger generic products.
My tone is that I run a cpl small businesses under a roof that constantly gets breached. I'm sorry for asking about firewalls, I thought that would belong in networking.
 

USAFRet

Titan
Moderator
"The biggest issue is my roommates constantly having network breaches. "

Teach your roommates safe computing practices.

"The rules per our ISP explicitly say 1 network per residence. "
"I run a cpl small businesses "

Get a business class service from your ISP.
 
Solution
Oct 23, 2019
You’re 100% correct about the business service. I just had a call about this w/ my ispop service 2 days ago.
Unfortunately I just couldn’t make it fiscally work. The contract worked out where my share of the cost I already pay for our 1gb bundle would multiply by significantly more than 2, and that was for the literally 25mbps top out. Right now as it is, I get 3-400 while both openvpn on the router and IPSec on the OS. But you’re definitely right and I tried. Next best thing to do is to simply get our networks to stop talking to each other and also mess around with pfsense zoning concepts, or as the gent above referred to toying around. But nothing wrong with learning in the meantime. I currently do have a regular job so these endeavors have been on the hobby side more than profits. Maybe 1 day. I am studying to make a career change though. We’ll see how it goes.