firewall — LowEndSpirit

OpenSense Hardening & sunnyvalley.cloud referral

hornet — Thu, 11 May 2023 19:10:54 +0000

I have been reading about and watching pfSense and OpenSense videos for one year. Time to pull the trigger.

Looking to have a rock-hard residential connection. Which setup tweaks do you recommend? Plug-ins?

Anyone have a sunnyvalley.cloud referral link?

LowEnd Segmented Wireless and Wired VLAN Networks

xleet — Sat, 17 Sep 2022 17:44:33 +0000

I would like to segment my home network into separate VLANs. The goal is to prevent appliances like doorbell cameras and video streaming devices from accessing the LAN that residents use for their personal computers and phones.

That means several WiFi SSIDs that are on separate LAN segments. I have switches that support 802.1q VLAN tagging, but they are still operating as unmanaged switches.

Which firewall would you recommend that supports this kind of networking with VLAN tagging?
Which access points would you recommend that support multiple SSIDs (say 8 different ones) with appropriate VLAN tagging?

New WAF by Cloudflare.. will you bite?

vyas — Wed, 31 Mar 2021 12:44:23 +0000

Preference (of course ) for paid tier.

https://blog.cloudflare.com/new-cloudflare-waf/

Or will you go DIY route?

Linode Firewall (Beta)

vyas — Sat, 24 Oct 2020 00:17:39 +0000

I came across a post talking about Linode Firewall that is in beta. One has to apply to the program to use but...

My question : is this different (or better ) than standard / cli tools ?

https://www.linode.com/products/firewall/

General Setup for MMO and Firewall

kind — Mon, 27 Jul 2020 00:19:14 +0000

Hello guys, its me again.
As im progress with the setup, new doubts are comming.
First of all, im gonna tell you about my setup and why I rent a dedicated server.
I have 2 servers of MMORPG, and, usually we (the ppl who has this kind of servers) rent vps, problem is most of the ppl who rent related to this game don't have a clue about nothing, and oversell resources af. So, since my 2 vps cost around 35USD monthly, I decided to take the leap and move to soyoustart.
My goal is to setup 4 vps with Windows Server (2 operationals and 2 for test).
This is the specs of my server: SYS-LE-2 Server - Intel Xeon E5-1620v2 - 32GB DDR3 ECC 1600MHz - 2x 800GB SSD SATA Soft RAID and it has Proxmox VE 6.2.

That being said, I have a couple of general questions:
1. OVH Monitor isn't enabled for SYS right?
2. Do you recommend to have RAID setup for this use? Currently I have one of the SSD unmounted.
3. What its the best configuration for Windows regarding VM options. Screen:

And about Firewall (the same topic since setup is relevant):
1. Is there a file config to see all the rules that has been applied? Im aware of iptables -S
2. Do you really see crucial to add a rule for SSH and GUI access only from 1 ip? Im from Argentina, and all the companies here use dynamic ip, or its enough with anti brute rules?
3. All the rules I apply to main server in SSH would be apply to my VM's if network firewall is enabled?
4. Need to limit connection ammount per IP and per time, I read this tutorial (hope isn't againts the rules share the link) https://javapipe.com/blog/iptables-ddos-protection/ with a bit of tweaks could be exactly what I need, only if I can add a ban to the ip that exceed the limite, for 30mins lets said.
5. Is there a way to add a whitelist IP for certain rules only? Like for example, I wanna limit connections with the rules from the link above, to 15 connections over 30sec.

Think that would be all. Thanks to all for reading, sorry for all the questions and the bad english ^^

Do you block traffic from China?

havoc — Thu, 09 Jan 2020 10:15:19 +0000

From reading various things on the intertubes at least some people seem to do this. On the basis that a lot of the traffic is not legit and/or malicious.

Thoughts on this? yay/nay

Also, anybody know a clean way of managing this type of stuff. I know one can download country IP blocks and funnel it into iptables but not sure how to remove/manage