1. 4
    1. 2

      Back in the day, we used to say things like “Don’t run a file server on your firewall. In fact, don’t run anything except a firewall on your firewall.”

      1. 1

        I’d agree, except my own firewall has been growing features recently. It’s the only computer in my house that’s always on.

        The bigger problem is that commodity firewalls are crap. This wasn’t a case where an intentionally open ftp service was exploited to compromise the firewall, this was a case where the firewall itself fundamentally failed to firewall off access to services.

    2. 1

      Does anyone have a recommendation for a secure router? I’m constantly seeing stories of how the telco-provided and most off-the-shelf equipment is insecure and never-updated.

      1. 2

        I’ve been running little Atom (and similar) boxes with pfSense for years and years. Open source, secure, 100% under my control, etc.