LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-25-2017, 08:23 AM   #1
baywalk
LQ Newbie
 
Registered: Sep 2017
Posts: 3

Rep: Reputation: Disabled
Need Basic Linux Compatible Router with Good Security Features


I am new to Linux. I am planning to install Linux Mint Mate (have "official" installation DVD) on a brand new Intel NUC 515RYH box with a 250 GB WD SATA (bare drive) & 8 GB Hyper RAM.
I would like to include a new router in my configuration, but could use some help deciding.
I have DSL and my usage demands are very nominal. I do not game and rarely stream; generally I am the only user. I am primarily concerned with security, and don't mind paying for a good router, but I don't want to overpay for features that are of no benefit to my situation.
Any suggestions would be appreciated. Thanks.
TOM
 
Old 09-25-2017, 08:33 AM   #2
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 7,231

Rep: Reputation: Disabled
Most DSL modems I have seen have built-in router. All you need is a network switch. Indeed, you can put the modem into bridge mode and use your own router. Is this what you want to do?
 
Old 09-25-2017, 05:29 PM   #3
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 19,780

Rep: Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573
Agree - anything will work with Linux. I've used almost all the vendors, and these days they all self-configure for your ISP as soon as you plug them in. However the Belkin I pulled out a couple of weeks back was a pile of crap. It had the modem in the power pack rather than the router itself, and was really susceptible to line noise. Also couldn't assign fixed addresses (for printers, backup host ...). Pile of junk.

As for security "benefits" spruked by salesmen, most will be of no benefit - parental control, guest network, isolated sub-networks. Probably of no use to you, so don't pay extra for those. Most kit is pretty secure these days if you keep the firmware up to date, and don't open any ports. First thing you must do is change the password.

Meant to mention, what I look for as my top "must have" is wifi range. Big house, office on one side, needs to span to the other side of the house.

Last edited by syg00; 09-25-2017 at 05:33 PM. Reason: last bit
 
Old 09-25-2017, 08:41 PM   #4
jefro
Moderator
 
Registered: Mar 2008
Posts: 20,984

Rep: Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405Reputation: 3405
The default security on a dsl modem is pitiful in my opinion.

If you want security then consider making a virtual machine UTM or layer 7+ firewall in this new box then point all your traffic to and from that vm. I'd suggest Untangle linux distro as it is pretty simple to get security going.

You can install Untangle on a few of the top tier routers but they aren't powerful enough to run a few of the features.

I have no connection with untangle.

Last edited by jefro; 09-26-2017 at 03:03 PM.
 
Old 09-25-2017, 09:33 PM   #5
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 17,506
Blog Entries: 28

Rep: Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434Reputation: 5434
A Linux sysadmin of my acquaintance will use only routers to which he can install tomato.
 
Old 09-26-2017, 11:31 AM   #6
DavidMcCann
LQ Veteran
 
Registered: Jul 2006
Location: London
Distribution: PCLinuxOS, Debian
Posts: 5,790

Rep: Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153Reputation: 2153
Any modem should be secure. I used an on-line testing service to check that mine would not respond to pings, for example, and it passed.

Mint, like most (all?) Debian derivatives has its own firewall disabled by default (don't ask why…) but you can enable it with the command
sudo ufw enable
To reassure yourself that it's working, give it a few seconds to sort itself out and try
sudo ufw status verbose

Don't forget to use a good password if you are using a wifi connection to the router!
 
Old 09-26-2017, 04:46 PM   #7
baywalk
LQ Newbie
 
Registered: Sep 2017
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thanks to All

Thanks to everyone for the helpful info. The router & modem are separate. After some further research, I decided to just try a basic Linksys WRT54GL. While around a long time, it is quite inexpensive and appears to be open source capable, so I could optionally load DD-WRT.
 
Old 09-26-2017, 05:56 PM   #8
Shadow_7
Senior Member
 
Registered: Feb 2003
Distribution: debian
Posts: 4,137
Blog Entries: 1

Rep: Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873
I use an asus rt-n12. That I put ddwrt on. Someday I'll know enough to cope in openwrt's CLI land. When I'm super paranoid I'll have a raspberry pi between the internet and the home network with a usb ethernet dongle to have two ports including the ethernet on device. But my ISPs are slow so it's not a bottleneck. This opens up options for firewalling and monitoring everything leaving the house. But it can be annoying if the power blinks a lot since there's no battery fallback like a laptop.
 
Old 09-26-2017, 06:18 PM   #9
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 19,780

Rep: Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573Reputation: 3573
I have the above in place, (primary driven by wanting to monitor Win10) and bought a power board with built-in battery. Not a "real" UPS, but enough for the ADSL/Cable router and pi3.
But as a general principle with an all Linux household, I'd reckon it is now unnecessary. My house has deadlocks, but not crash-proof bollards across the gate - sensible precautions are probably enough.
 
Old 09-27-2017, 06:51 AM   #10
JeremyBoden
Senior Member
 
Registered: Nov 2011
Location: London, UK
Distribution: Debian
Posts: 1,895

Rep: Reputation: 469Reputation: 469Reputation: 469Reputation: 469Reputation: 469
Your average router incorporates as standard:-
A firewall, wireless, DHCP, NAT and has 4 ethernet points for your LAN plus a single WAN connection to your DSL modem.

Your router is basically a specialised, miniaturised Linux box with some extra hardware.
 
Old 09-27-2017, 07:11 AM   #11
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 7,231

Rep: Reputation: Disabled
Don't touch it! It works!

Average home user ignores the router built into modem. It does NAT already in the modem. So there is no need for another NAT router. But who cares. I've seen a setup like this: Modem, doing NAT > standalone wired NAT router > wireless NAT router. Triple NAT! And if you tell them it is not sane then they say: It works, we do not want to touch it. If we just could access that wired PC from our wireless laptop ...
 
Old 09-27-2017, 08:09 AM   #12
JeremyBoden
Senior Member
 
Registered: Nov 2011
Location: London, UK
Distribution: Debian
Posts: 1,895

Rep: Reputation: 469Reputation: 469Reputation: 469Reputation: 469Reputation: 469
The modem doesn't do NAT because it just converts an analogue signal to/from a digital one.

Or are we talking about a modem/router combined in a single box?

Last edited by JeremyBoden; 09-27-2017 at 08:13 AM.
 
Old 09-27-2017, 08:11 AM   #13
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 7,231

Rep: Reputation: Disabled
What modem you are talking about. I have a DSL modem here that definitely does NAT. In other words, it has built-in router.
 
Old 09-27-2017, 08:43 AM   #14
JeremyBoden
Senior Member
 
Registered: Nov 2011
Location: London, UK
Distribution: Debian
Posts: 1,895

Rep: Reputation: 469Reputation: 469Reputation: 469Reputation: 469Reputation: 469
It is common for modem/routers to be sold as a combined unit.

However
I actually have a separate modem and router.

The modem performs no network functions.
 
Old 09-27-2017, 08:55 AM   #15
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 7,231

Rep: Reputation: Disabled
Splitting hairs. Yes, modem means modulator-demodulator. There were times when modems were just that. But I have yet to see a DSL modem which is not a combined unit with built-in router. It has to be put into bridge mode not to do any network functions. Are you suggesting modern modems should be called modem-routers instead? Then how about wireless routers. Those should be called router-switch-accesspoints.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Logic Supply Announces Linux-Compatible Fanless PC with Unparalleled Features LXer Syndicated Linux News 0 06-11-2015 05:30 AM
router security features linuxhippy Slackware 4 04-25-2005 07:50 AM
Good Linux Compatible Modems. rvijay Linux - Hardware 3 09-07-2003 02:24 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration