As IT pros, we have a responsibility to protect ourselves and our families from Internet threats as best we can. Oftentimes we are asked, "What should I do to protect myself from threats on the internet?" That's a loaded question, obviously. That's like saying, "How can I protect myself from home invasions?" Well, this is the first post in a series of posts on personal internet security. What better place to start than the WAN (or I should say the WAN enclave)?
My chosen firewall platform is pfSense. More information can be found here: http://www.pfsense.org/ and here: http://forum.pfsense.org/ I choose this firewall because it is based on a secure OS (FreeBSD), it is easy to use, very mature, has tons of features, and it has very good documentation, including a book that recently came out: http://www.amazon.com/pfSense-Definitive-Christopher-M-Buechler/dp/0979034280/ref=sr_1_1?ie=UTF8&qid=1304227840&sr=8-1
I have installed it already and have configured my ISP's info. So the next question is: what do we do from here? pfSense is very secure by default, but there are a few things that I like to add.
Country Blocking:
Country Blocking does just that: it blocks IPs based on their physical location. For most people in the US, there is nothing that any of us need (internet-wise) in another country, and there is nothing others in other countries need from us (if you are running a web server at home, that might be different, but I digress). To get the Country Block package, go to System > Packages, find the Country Block package, and install it by clicking the plus next to the package name (I already have it installed as seen here):
You can then go to Firewall > Country Block to configure any settings you wish. If you are truly hardcore you can block all countries (note: if you do this, make sure you do not block your own country. You will lock yourself out of your firewall lol)
You can even block both incoming and outgoing traffic by selecting the option on the settings tab.
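The lock-out warning above can be checked before you apply a selection. The sketch below is an added example, not code from this post or from the Country Block package: the country codes, CIDR ranges (documentation ranges standing in for real per-country lists) and the addresses to keep reachable are all constructed.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation ranges stand in for the
# per-country CIDR lists a real GeoIP or registry source would provide.
COUNTRY_CIDRS = {
    "AA": ["192.0.2.0/25", "192.0.2.128/25"],
    "BB": ["198.51.100.0/24"],
    "CC": ["203.0.113.0/24"],
}

def build_blocklist(blocked, country_cidrs=COUNTRY_CIDRS):
    """Merge the CIDRs of every blocked country into a minimal network list."""
    nets = [ipaddress.ip_network(cidr)
            for code in blocked
            for cidr in country_cidrs[code]]
    return list(ipaddress.collapse_addresses(nets))

def lockout_risks(blocklist, must_reach):
    """Map each must-stay-reachable label to the blocked network covering it."""
    risks = {}
    for label, addr in must_reach.items():
        ip = ipaddress.ip_address(addr)
        for net in blocklist:
            if ip in net:
                risks[label] = str(net)
                break
    return risks

def safe_to_apply(blocked, must_reach):
    """True only if no address we depend on falls inside the blocklist."""
    return not lockout_risks(build_blocklist(blocked), must_reach)

if __name__ == "__main__":
    # Hypothetical addresses: where you administer the firewall from, and
    # a remote service you rely on when outgoing blocking is enabled too.
    must_reach = {"admin workstation": "203.0.113.45",
                  "remote backup host": "198.51.100.7"}
    for selection in (["AA"], ["AA", "BB"], ["AA", "BB", "CC"]):
        risks = lockout_risks(build_blocklist(selection), must_reach)
        verdict = "safe" if not risks else f"would block {risks}"
        print(selection, "->", verdict)
```

Run it against the addresses you manage the firewall from and any hosts you depend on; a non-empty result means the selection would cut you off.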
My next post will be about enabling snort on pfsense, tuning it and monitoring the results.
Sunday, May 1, 2011



