Search found 336 matches

by dnl
February 9th, 2019, 10:50 am
Forum: IPFire in General
Topic: Newbie needs help with IPFire Security hardening
Replies: 3
Views: 333

Re: Newbie needs help with IPFire Security hardening

PS: If you have a specific question about hardware, it might be best to write a new thread about it.
by dnl
February 9th, 2019, 10:38 am
Forum: IPFire in General
Topic: Newbie needs help with IPFire Security hardening
Replies: 3
Views: 333

Re: Newbie needs help with IPFire Security hardening

I followed this manual: https://wiki.ipfire.org/optimization/start/security_hardening # (Many thanks to the Autor of the hardening guide: https://forum.ipfire.org/viewtopic.php?f=27&t=15151&start=30 ) Thank you! -I don't use the Intrusion Detection System or URL-Filter because i think my IPFire-Har...
by dnl
December 30th, 2018, 3:19 am
Forum: IPFire in General
Topic: Ipfblocklist (IP Blocklists for IPFire)
Replies: 13
Views: 932

Re: Ipfblocklist (IP Blocklists for IPFire)

TimF wrote:
December 29th, 2018, 4:34 pm
The plan is to include this functionality into IPFire.
Awesome! 8)
by dnl
December 29th, 2018, 9:10 am
Forum: IPFire in General
Topic: Permanently block external ICMP only [SOLVED]
Replies: 6
Views: 1868

Re: Permanently block external ICMP only [SOLVED]

Updated the wiki page and added a section briefly explaining the -i interface option. https://wiki.ipfire.org/en/optimization/ping/start I was just updating my documentation and it appears in the past year someone has deleted my page of instructions - they're not at the new URL :( https://wiki.ipfi...
by dnl
December 22nd, 2018, 4:20 am
Forum: Development
Topic: Ossec for IPFire
Replies: 34
Views: 8580

Re: Ossec for IPFire

ummeegge wrote:
December 21st, 2018, 5:12 am
yes an agent package is provided.

Did an update to Wazuh 3.7.2 now but it is currently not up. I will build new versions only for 64bit, have dropped 32bit versions.
Thank you. I don't use 32bit Linux any longer.
by dnl
December 20th, 2018, 8:26 am
Forum: Development
Topic: Ossec for IPFire
Replies: 34
Views: 8580

Re: Ossec for IPFire

Hello ummeegge, I'm sorry that I was not clear. You have not understood what I meant. I'm after an agent package for Wazuh for IPFire as I intend to run a master elsewhere. Is that something you have packaged? Also running *any* software is a risk. I have no concerns about Wazuh or the components th...
by dnl
December 17th, 2018, 10:36 am
Forum: Development
Topic: Ossec for IPFire
Replies: 34
Views: 8580

Re: Ossec for IPFire

Hi ummeegge, It is possible for me to pull the Wazuh agent component from your installer(s) and run only that on IPFire? I like the idea of Wazuh, but running all those components (as well most IPFire features and ntopng) would use a lot of resources/power and open a very large attack surface on a r...
by dnl
December 2nd, 2018, 7:31 am
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 22750

Re: Snort Rules Update

??? So, I'm not quite sure how to fix this issue. I changed the code to correct for the issue that was discovered, however, everything is now working as expected except for the fact that the oinkmaster.pl file doesn't appear to be incrementing the version of Snort. Below is the results of running t...
by dnl
December 2nd, 2018, 6:03 am
Forum: IPFire in General
Topic: I wrote an IPFire Security Hardening guide
Replies: 33
Views: 7275

Re: I wrote an IPFire Security Hardening guide

Saiyato wrote:
November 28th, 2018, 9:16 pm
You can find it here: https://wiki.ipfire.org/optimization/st ... _hardening
Thank you for sending the correct link.

I have now updated the first post.
by dnl
December 2nd, 2018, 5:54 am
Forum: IPFire in General
Topic: I wrote an IPFire Security Hardening guide
Replies: 33
Views: 7275

Re: I wrote an IPFire Security Hardening guide

You are most welcome. Thank you for writing the tutorial. You make a very good point concerning SMTP and IMAP; both are common protocols used by spammers. I also like the idea of creating a restrictive policy around SSH, and whitelisting trusted users. Two factor verification and the implementation...
by dnl
November 28th, 2018, 9:46 am
Forum: Development
Topic: ntopng for IPFire
Replies: 121
Views: 24640

Re: ntopng for IPFire

Can you describe your procedures step by step to better reproduce this bug so we can possibly ask on the ntopng community for a possible fix. The problem still occurs for me, but I've not kept a list of everything I've changed, sorry! When I have time I'll reset/drop the database and try again from...
by dnl
November 28th, 2018, 9:44 am
Forum: IPFire in General
Topic: I wrote an IPFire Security Hardening guide
Replies: 33
Views: 7275

Re: I wrote an IPFire Security Hardening guide

I would like to start by thanking you for a wonderful guide to hardening IPFire. Your tutorial is concise, accurate, and easy to fallow. Thanks very much! On the subject of configuring outgoing firewall rules, a good starting point is to research a subject known as Egress Filtering. I am not certai...
by dnl
November 25th, 2018, 8:49 am
Forum: Development
Topic: ntopng for IPFire
Replies: 121
Views: 24640

Re: ntopng for IPFire

Hi again,
ummeegge wrote:
November 23rd, 2018, 10:28 am
Is this persistent or does it only appears sometimes ?
I enabled "Network Discovery" in the preferences and have it running once a day. It seems that feature will override changes made to a host, which is not what I expected.
by dnl
November 23rd, 2018, 1:28 am
Forum: Development
Topic: ntopng for IPFire
Replies: 121
Views: 24640

Re: ntopng for IPFire

Hello Ummeegge, I've got a problem where ntop is only showing my BLUE (WiFi) network in dashboards and in the "Local Hosts" page. All my GREEN (wired) network devices do appear in the "All Hosts" page though. Your shell script has set the "--local-networks" option correctly for BOTH networks in /etc...
by dnl
November 22nd, 2018, 9:36 am
Forum: Development
Topic: ntopng for IPFire
Replies: 121
Views: 24640

Re: ntopng for IPFire

Thanks ummeegge, your installer is very easy to use.

I've just installed it and will spend a bit of time reading the documentation to understand this application.