OPNsense Forum

English Forums => General Discussion => Topic started by: psypro on March 25, 2018, 08:35:25 pm

Title: New user of Opnsense
Post by: psypro on March 25, 2018, 08:35:25 pm
Hi

I set up an OPNsense firewall at home today. I have been using OpenBSD 6.2, but wanted to try something else for the Easter holiday. I have only desktop and handheld devices, no server for the moment.

Everything works without much input from me. So it makes me wonder, is there any critical config I need to do?

Nr1: Firewall rules. In OpenBSD PF I could ban IPs that exceed x criteria, for instance opening too many sessions too fast, or trying SSH login x times and failing.

Nr2: SSH config rules. Where can I read? Is root SSH disabled? Can brute force from the internet be used via SSH to crack my password for root?

Nr3: I tried enabling "IPS mode" but then I can't use the internet from the desktop.

Nr4: Log files are so filled up with normal traffic; where can I filter for only suspicious entries? I tried searching for "blocked".

Nr5: CPU usage is at 2%. Are there any security measures to enable if I have free CPU time to use?

Nr6: OpenBSD tries to avoid usage of root; OPNsense uses root a lot? For login of webadmin, and for running a whole lot of processes?

Title: Re: New user of Opnsense
Post by: elektroinside on March 26, 2018, 03:01:07 pm
Hi and welcome!

#1 You can use advanced firewall rules for this
#2 You can use firewall rules and 2FA to enforce ssh, combined with security certificates
#3 Check your IDPS alerts and allow blocked but needed resources
#4 Which ones? Firewall logs?
#5 Don't understand this question
#6 You can create other users and assign permissions, root can be disabled, all from the WebGUI

This is a good starting place to learn about the features of OPNsense:
https://wiki.opnsense.org/manual.html

Title: Re: New user of Opnsense
Post by: psypro on March 27, 2018, 07:45:10 pm
Thank you

I found out the error with IPS.
Under: Services: Intrusion Detection: Administration
Home networks: Add your missing IP subnet. Default 192.168.0.0.

Against brute-force SSH:
Under: System: Settings: Administration
Secure Shell
Listen Interfaces : LAN (Default is open to WAN)
(Will try to figure out more to do, but it buys me some time)

Title: Re: New user of Opnsense
Post by: elektroinside on March 28, 2018, 06:18:54 am
Well done!

The thing is that nobody knows better what you need or expect from your firewall, and so it is better to read first, to learn about its features and, most of all, learn its limits.