Milestone hit 30 days without opnsense being destroyed

Started by someone, December 22, 2025, 02:15:49 AM

December 22, 2025, 02:15:49 AM Last Edit: December 22, 2025, 02:23:32 AM by someone
I have hit 30 days without attacks from internet side via firewall and Suricata from compromising OPNsense. That's well over 100,000 attacks in a month's time. The new threat was browser intrusion going through the LAN side to OPNsense. Using Linux Mint with AppArmor built in has hopefully stopped that. They can't grab your operating system. To let you know if using Mint or similar. Install apparmor-utils, apparmor-profiles, apparmor-profiles-extra, apparmor-notify, and auditd to monitor logs, all internal commands and calls, etc. The added profiles will block coming through your browser to execute commands they should not be doing. At present they are default. You can alter and do further restriction if necessary. This is protecting OPNsense backend. Where everything is allowed. Tried other techniques that didn't work out so good. Hope this helps those that need it. Note running firewall and Suricata IPS in default.
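An added example, not part of the original post: with auditd installed, AppArmor events are written to the audit log as `type=AVC` records, and this sketch counts them per profile, operation and path, keeping enforced denials apart from complain-mode records. The log lines, profile names and paths below are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the format auditd writes for AppArmor events.
SAMPLE_LOG = '''\
type=AVC msg=audit(1766370000.101:410): apparmor="DENIED" operation="open" profile="firefox" name="/etc/shadow" pid=2211 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
type=AVC msg=audit(1766370003.552:411): apparmor="DENIED" operation="exec" profile="firefox" name="/usr/bin/bash" pid=2211 comm="firefox" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
type=AVC msg=audit(1766370009.020:412): apparmor="ALLOWED" operation="open" profile="evince" name="/home/user/.ssh/id_ed25519" pid=3120 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
type=SYSCALL msg=audit(1766370010.000:413): arch=c000003e syscall=59 success=yes exit=0 pid=3300 comm="ls" exe="/usr/bin/ls"
type=AVC msg=audit(1766370015.700:414): apparmor="DENIED" operation="exec" profile="firefox" name="/usr/bin/bash" pid=2290 comm="firefox" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
'''

# key=value pairs; values are either "quoted" or a bare token.
KV = re.compile(r'(\w+)=("([^"]*)"|\S+)')

def parse_line(line):
    """Return the fields of an AppArmor audit record, or None for other records."""
    if 'apparmor=' not in line:
        return None
    fields = {}
    for m in KV.finditer(line):
        key, raw, quoted = m.group(1), m.group(2), m.group(3)
        fields[key] = quoted if quoted is not None else raw
    return fields

def summarize(log_text):
    """Count (profile, operation, path) for enforced and complain-mode events."""
    denied, complain = Counter(), Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        key = (rec.get('profile'), rec.get('operation'), rec.get('name'))
        if rec['apparmor'] == 'DENIED':
            denied[key] += 1      # enforce mode: the access was blocked
        elif rec['apparmor'] == 'ALLOWED':
            complain[key] += 1    # complain mode: logged only, not blocked
    return denied, complain

if __name__ == '__main__':
    denied, complain = summarize(SAMPLE_LOG)
    for (profile, op, path), n in denied.most_common():
        print(f'BLOCKED  {n:3d}  {profile}  {op}  {path}')
    for (profile, op, path), n in complain.most_common():
        print(f'LOG-ONLY {n:3d}  {profile}  {op}  {path}')
```

Records marked `ALLOWED` come from profiles in complain mode, so a profile that only ever shows up in the second list is logging, not blocking; `aa-status` from apparmor-utils lists which loaded profiles are in each mode.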