Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
New user of Opnsense
« previous
next »
Print
Pages: [
1
]
Author
Topic: New user of Opnsense (Read 3452 times)
psypro
Newbie
Posts: 2
Karma: 0
New user of Opnsense
«
on:
March 25, 2018, 08:35:25 pm »
Hi
I setup a Opnsense firewall at home today. I have been using OpenBSD 6.2, but wanted to try something else for the easter holiday. I have only desktop and handheld devices, no server for the moment.
Everything works with out much input from me. So it makes me wonder, is there any critical config I need to do?
Nr1: Firewall rules. In Openbsd PF i could ban ip who exceed x criteria, for instance opening to many sessions to fast. Or trying ssh login x times and failing.
Nr2 : SSH config rules . Where can I read. Is root ssh disabled? Can brutforce from internett be used via ssh to crack my password for root?
Nr3 : I tried enabling "IPS mode" but then I cant use internett from desktop.
Nr4 : Log files is so field up with normal trafic, where can I filter for only sucpisus. I tried searching for "blocked".
Nr5 : Cpu usage at 2 % are there any security measure to enable if I have free cpu time to use?
Nr6 : OpenBSD tryes to avoid usage of root, Opnsense use root alot? for login of webadmin, and for running a whole lot of processes?
«
Last Edit: March 25, 2018, 08:38:11 pm by psypro
»
Logged
elektroinside
Hero Member
Posts: 574
Karma: 51
Re: New user of Opnsense
«
Reply #1 on:
March 26, 2018, 03:01:07 pm »
Hi and welcome!
#1 You can use advanced firewall rules for this
#2 You can use firewall rules and 2FA to enforce ssh, combined with security certificates
#3 Check your IDPS alerts and allow blocked but needed resources
#4 Which ones? Firewall logs?
#5 Don't understand this question
#6 You can create other users and assign permissions, root can be disabled, all from the WebGUI
This is a good starting place to learn about the features of OPNsense:
https://wiki.opnsense.org/manual.html
«
Last Edit: March 26, 2018, 03:04:23 pm by elektroinside
»
Logged
OPNsense v18
| HW: Gigabyte Z370N-WIFI, i3-8100, 8GB RAM, 60GB SSD, | Controllers: 82575GB-quad, 82574, I221, I219-V | PPPoE: RDS Romania | Down: 980Mbit/s | Up: 500Mbit/s
Team Rebellion Member
psypro
Newbie
Posts: 2
Karma: 0
Re: New user of Opnsense
«
Reply #2 on:
March 27, 2018, 07:45:10 pm »
Thank you
I found out the error with IPS.
Under : Services: Intrusion Detection: Administration
Home networks : Add your missing ip subnet. Default 192.168.0.0.
Aggainst brutforce SSH:
Under : System: Settings: Administration
Secure Shell
Listen Interfaces : LAN (Default is open to WAN)
(Will try to figure out more to do, but it buys me some time)
Logged
elektroinside
Hero Member
Posts: 574
Karma: 51
Re: New user of Opnsense
«
Reply #3 on:
March 28, 2018, 06:18:54 am »
Well done!
The thing is that nobody knows better what do you need or expect from your firewall, and so, it is better to read first, to learn about its features and most of all, learn its limits.
Logged
OPNsense v18
| HW: Gigabyte Z370N-WIFI, i3-8100, 8GB RAM, 60GB SSD, | Controllers: 82575GB-quad, 82574, I221, I219-V | PPPoE: RDS Romania | Down: 980Mbit/s | Up: 500Mbit/s
Team Rebellion Member
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
New user of Opnsense