So here’s my current setup… I have a Windows VM that is basically set up for downloading torrents and the like, I have an Unraid box with shares and it’s also hosting a Plex Server for media sharing (the Win VM downloads to this, and I have a pfsense box which does:
Suricata, squid with virus scan, ntop, some light traffic shaping, as well as run all of the download VM traffic through Private Internet Access VPN which I set up through openvpn… I have it configured to also block windows telemetry.
This is about it for what I have my server(s) doing - but I have more bandwidth and I’m looking for other cool appliances to run… I have been looking at other firewall applications that seem cool, but I wanted to throw it out to the forum to see if anyone has some idea on what else I could be doing. It’s doesn’t all have to be “necessary”, ie, having enterprise grade networks security at home etc, but I like playing with it, learning, and ultimately it’s pretty badass.
So what do y’all think - where should I go from here?
Oh, and just a tip, I’m using a site called showrss.info to create a custom RSS feed of TV show torrents that automatically download which has been AWESOME… highly recommended. I do movies manually, but can add them remotely with utorrent remote and they just drop right into Plex - great for grabbing something to watch on the road.
Well, just looking around a little I see stuff like Sophos and Comodo - I wonder if those provide additional value add or if they’d just be redundant? I guess I’m not really sure… I learned about pfsense here and now I’m just smitten with it - and I’m left wondering what else there is that I could add to the network to make it even cooler.
The other thing I was wondering about doing was maybe just setting up a number of OS VMs so that I could play with them. If I used esxi and installing BSD, some oddball Linux distros (I dual boot Win10 and Elementary on my main rig), and maybe some other odd things like Solaris or whatever… I guess I just don’t know why I’d use them - but it might be neat.
You already have a pretty comprehensive setup. Maybe start dipping into the logs more? Maybe mess around with ELK or free splunk to ingest various logs and see who or what is always knocking on your front door.
I have my WiFi on a seperate sub-domain and it just goes into a wireless router that’s set up in AP mode… nothing fancy I guess… what are your thoughts?
Wireshark maybe? Something I’ve been wanting to try but don’t have time to fuck with.
Depends, is that wireless router working well enough for you? If it’s a nice enough model they do well enough for a small home. And in my experience they will eventually lose their config somehow and start pushing out DHCP fucking up your network.
I have been using Ubiquiti’s UniFi products for about 3 years now and I’m thoroughly impressed with them (even thinking about purchasing some UBNT stock, wish I had a year ago. I believe it doubled).
You could setup Pi-hole in a container or VM somewhere to block ads on your entire network. That’s a fun half-hour project.
You could also setup monitoring, I use and recommend the very simple Monit but some people do elaborate stuff with Grafana, Zabbix, Icinga, Splunk, etc.
It should. For instance I am using an add-on for splunk that makes my pfsense logs very readable, with geographic map overlays etc. The two Snort add-ons seem to be janky and I will probably need to make from scratch- a really good project I should do.