Following performance issues with my all-in-one IPS/Router setup on my home network, I decided to split it between a pfSense-based IPS and a Linux-based router. This article explains why I made that choice, how I revised my architecture and the resulting implementation.
If you read this, you've probably been there: you're the family's IT guy, and every now and then you fix a computer. Potentially full of malware and other nasty stuff. This article discusses my approach to being a nice guy without endangering my own machines.
Firewalls are a good thing, but they're not enough anymore. Ports don't define traffic anymore, we must have a look at the applicative level to enforce policies and block malicious traffic efficiently. Here I present how I set up one of the open source leaders, Suricata.
When you have a limited trust in your ISP and don't know how far he can (or wants to) enter your network from the modem, you're like me and end up settings up your own router behind this modem. This article starts this story with an IPv4-only router.