My Firewall
I designed and configured my own home firewall to better understand how real networks operate, segment, and protect assets. I wanted to see how decisions made at the network layer directly affect security, performance, and visibility in a live environment rather than an abstract diagram. Through this process, I implemented VLANs, routed traffic, and established port forwarding while isolating and securing devices across different network segments. This forced me to think carefully about trust boundaries, lateral movement, and how improper segmentation can quickly turn a small issue into a full network compromise.
I managed IP addressing, both static and dynamic, to analyze how traffic moves, how devices connect, and how misconfigurations create security risks. Working through real routing tables, DHCP behavior, and gateway logic gave me a much deeper understanding of why networks fail and how attackers take advantage of those failures. This setup challenged me to think like both an administrator and a defender, reinforcing core networking fundamentals and giving me practical experience securing a live environment instead of just designing one on paper.
My firewall was exposed to the internet, and I was attacked many times by bots and hackers, which gave me direct exposure to real-world threat activity. I learned how to identify attack patterns, apply proper security fixes, and continuously harden my environment as new issues surfaced. Over time, I developed better tradecraft by tightening rule sets, reducing unnecessary exposure, and improving monitoring. I also worked on improving bandwidth and reliability through redundancy planning and proper cabling, learning how physical and logical design choices impact performance.
I configured the environment extensively and implemented both Snort and Suricata rules, which helped me understand intrusion detection, alert tuning, and the balance between noise and actionable signals. I learned how to better enforce security controls, such as DNS filtering, including using providers like Cloudflare at 1.1.1.3, and how to secure DNS traffic using protocols like port 853 for encrypted DNS. This experience tied together networking, detection, and defensive security in a way that only hands-on exposure can provide.


