Messages

1

General Discussion / Re: New user of Opnsense

« on: March 27, 2018, 07:45:10 pm »

Thank you

I found out the error with IPS.
Under : Services: Intrusion Detection: Administration
Home networks : Add your missing ip subnet. Default 192.168.0.0.

Aggainst brutforce SSH:
Under : System: Settings: Administration
Secure Shell
Listen Interfaces : LAN (Default is open to WAN)
(Will try to figure out more to do, but it buys me some time)

2

General Discussion / New user of Opnsense

« on: March 25, 2018, 08:35:25 pm »

Hi

I setup a Opnsense firewall at home today. I have been using OpenBSD 6.2, but wanted to try something else for the easter holiday. I have only desktop and handheld devices, no server for the moment.

Everything works with out much input from me. So it makes me wonder, is there any critical config I need to do?

Nr1: Firewall rules. In Openbsd PF i could ban ip who exceed x criteria, for instance opening to many sessions to fast. Or trying ssh login x times and failing.

Nr2 : SSH config rules . Where can I read. Is root ssh disabled? Can brutforce from internett be used via ssh to crack my password for root?

Nr3 : I tried enabling "IPS mode" but then I cant use internett from desktop.

Nr4 : Log files is so field up with normal trafic, where can I filter for only sucpisus. I tried searching for "blocked".

Nr5 : Cpu usage at 2 % are there any security measure to enable if I have free cpu time to use?

Nr6 : OpenBSD tryes to avoid usage of root, Opnsense use root alot? for login of webadmin, and for running a whole lot of processes?