"
Hi
I setup a Opnsense firewall at home today. I have been using OpenBSD 6.2, but wanted to try something else for the easter holiday. I have only desktop and handheld devices, no server for the moment.
Everything works with out much input from me. So it makes me wonder, is there any critical config I need to do?
Nr1: Firewall rules. In Openbsd PF i could ban ip who exceed x criteria, for instance opening to many sessions to fast. Or trying ssh login x times and failing.
Nr2 : SSH config rules . Where can I read. Is root ssh disabled? Can brutforce from internett be used via ssh to crack my password for root?
Nr3 : I tried enabling "IPS mode" but then I cant use internett from desktop.
Nr4 : Log files is so field up with normal trafic, where can I filter for only sucpisus. I tried searching for "blocked".
Nr5 : Cpu usage at 2 % are there any security measure to enable if I have free cpu time to use?
Nr6 : OpenBSD tryes to avoid usage of root, Opnsense use root alot? for login of webadmin, and for running a whole lot of processes?
I setup a Opnsense firewall at home today. I have been using OpenBSD 6.2, but wanted to try something else for the easter holiday. I have only desktop and handheld devices, no server for the moment.
Everything works with out much input from me. So it makes me wonder, is there any critical config I need to do?
Nr1: Firewall rules. In Openbsd PF i could ban ip who exceed x criteria, for instance opening to many sessions to fast. Or trying ssh login x times and failing.
Nr2 : SSH config rules . Where can I read. Is root ssh disabled? Can brutforce from internett be used via ssh to crack my password for root?
Nr3 : I tried enabling "IPS mode" but then I cant use internett from desktop.
Nr4 : Log files is so field up with normal trafic, where can I filter for only sucpisus. I tried searching for "blocked".
Nr5 : Cpu usage at 2 % are there any security measure to enable if I have free cpu time to use?
Nr6 : OpenBSD tryes to avoid usage of root, Opnsense use root alot? for login of webadmin, and for running a whole lot of processes?
