What's new

Firewall Script?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Theres a new update of skynet I put on only today. Version 7.2.4 , still maintained regularly.
 
there is also Snort3, another ips similar to Suricata. The link is about all I know:
I read the thread. One of the posts referred to a "pfsense appliance." Curiosity led me here: https://shop.netgate.com/products/3100-base-pfsense.

Ok. Starting points: 1)it's insane. 2)it's way above my pay grade. 3)It likely would be less overkill to swat mosquitoes using a 6 inch cannon. 4)Using a Nimitz-class carrier to protect a leaky rowboat strikes me as probably a better cost to value protected ratio than using this on my tiny network.

Nonetheless, I would be interested if anyone had any opinions they would be willing to share. And how would a person even use or deploy(topology etc) something like this?
 
Skynet is my preference also. I'd rather have it than scripts that I have learned of yet. I was getting concerned that it was falling by the way side, but Adamm updated it the day of, or the day before, I posted this thread. Maybe he will continue to.

Some I've found, though, may be some alternatives for Aiprotection. I'm not as concerned about privacy issues as performance. Others have said it degrades the router performance. Some of these other scripts would probably degrade it too, some a lot, so I'm not sure if it's worth substituting it either. A substitute would have to play nice with Skynet, and some of them appear to.
 
I read the thread. One of the posts referred to a "pfsense appliance." Curiosity led me here: https://shop.netgate.com/products/3100-base-pfsense.

Ok. Starting points: 1)it's insane. 2)it's way above my pay grade. 3)It likely would be less overkill to swat mosquitoes using a 6 inch cannon. 4)Using a Nimitz-class carrier to protect a leaky rowboat strikes me as probably a better cost to value protected ratio than using this on my tiny network.

Nonetheless, I would be interested if anyone had any opinions they would be willing to share. And how would a person even use or deploy(topology etc) something like this?
I mean, some slowdown is going to be inevitable if you're inspecting every packet. But like I mentioned upthread, you can get a used HP T620+ on eBay for ~$125 and install pfSense...
 
I think you want a solution with the Skynet option: change "forward firewall" and "outgoing firewall" policies to "blocked" and allow essentials connections ports.
A firewall rule should be as precise as possible, allowing the most necessary network traffic only. If source and destination can be restricted, restrict them. If connections are legitimate only within certain time frames, adjust the rule accordingly.
Good idea!
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top