Re: [GLLUG] Best NIX-based router/software for a small business network
On 15/06/2021 20:45, James Courtier-Dutton via GLLUG wrote: So, the best defense is using a backup system that cannot be attacked by a Ransomware attack. And your second line of defence is a second backup system that cannot be attacked by a Ransomware attack... For the third, maybe a local backup using a system that does not rely on the OS mounting a drive, and then I would probably put #4 as some really good granular share, file and folder permissions that limits what any one person can do to the system, as that also helps to protect against disgruntled employees getting nasty. A firewall is very far down my list. And for it to be of any use in this scenario it really does need some form of proxy with a URL blacklist subscription, and you probably already get that with the decent anti-virus solution you should have already bought by this point... Regards, Marco -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
On Mon, 14 Jun 2021 at 15:44, gvim via GLLUG wrote: > > With ransomeware becoming a threat to both small and large businesses I'm > inclined to advise small businesses to change their router as a first line of > defence. What is currently the best NIX-based router/software? pfSense? > The first and most important defense against Ransomware is not a firewall. The first thing to consider is how to recover after falling victim. If you can recover from a Ransomware attack without needing to pay ransom, you have defeated it. The main risk of a Ransomware attack is that they have managed to encrypt both your data and the backups of all the data. So, the best defense is using a backup system that cannot be attacked by a Ransomware attack. This is normally some sort to write once, store offsite backup, so the Ransomware attacker cannot delete or encrypt the backups. Once you have that protection, the next step is to look at ways to limit the disruption. This normally involves adding monitoring tools so that you are more likely to detect a malicious actor within your network. The final step is to try and prevent the attack in the first place. The problem with this final step is that there are always new zero day attacks, so whatever you come up with here is never 100% protection. That is another reason why the other steps above are more effective and more important to do . Kind Regards James Kind Regards James -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
I think every platform has security vulnerabilities. I'm not aware of anything super significant for OpenWRT as opposed to any other release (meaning, they all have their problems). Of course, if you're on the vendor-supplied version and not the main release, you're still waiting for them to get out the updates. Anything that isn't getting updated is going to have vulnerabilities. That's why I tend to go for devices that are designed for the release -- you're in a better position for updates, even if the vendor can't be bothered. BTW, the GL iNet link for the Convexa-B is https://www.gl-inet.com/products/gl-b1300/ T On 15/06/2021 18:12, gvim via GLLUG wrote: > Didn't OpenWRT have some security holes a while back? I'm trying to > sell clients on a first line of defence against potential ransomware > attacks so I need something rock solid. > > gvim > > > On 14/06/2021 17:02, Travis Mooney via GLLUG wrote: >> There are off the shelf OpenWRT routers. I use: >> >> * Turris Omnia as edge routers: >> https://www.turris.com/en/omnia/overview/ >> * GL iNet Convexa-B as access points >> >> Both work well, and are native OpenWRT solutions. The Omnia is a bit >> expensive, but you could just stick with GL iNet devices if cost is a >> problem. >> >> Kind regards, >> >> travis >> >> On 14/06/2021 16:56, Peter Grant via GLLUG wrote: >>> >>> On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG >>> mailto:gllug@mailman.lug.org.uk>> wrote: >>> >>> On 2021-06-14 15:42, gvim via GLLUG wrote: >>> > With ransomeware becoming a threat to both small and large >>> businesses >>> > I'm inclined to advise small businesses to change their router >>> as a >>> > first line of defence. What is currently the best NIX-based >>> > router/software? pfSense? >>> >>> If I was installing such a thing at a customer site I would first >>> suggest a reasonable off the shelf product rather than a custom >>> built >>> black box. >>> >>> >>> I have run pfsense very happily at work (and home) for many years - >>> it's nicely comprehensive and easy to use. Netgate (owners of >>> pfsense) make some devices with pfsense preinstalled, which I can't >>> speak from much experience with. Until we moved office and I got the >>> budget to replace it, we have an old Pentium dual core Dell desktop >>> running pfsense. >>> Peter >>> >>> >> -- >> ** >> >> Travis Mooney-Evans >> tra...@mooney-evans.com >> +447908631440 >> Skype: ttmooney >> >> > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- ** Travis Mooney-Evans tra...@mooney-evans.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
On 2021-06-15 18:12, gvim via GLLUG wrote: Didn't OpenWRT have some security holes a while back? I'm trying to sell clients on a first line of defence against potential ransomware attacks so I need something rock solid. There are many vectors for ransomware that aren't the router/firewall. If you want to sell your clients protection from ransomware, I'd start with their backup regime. A "rock solid" backup system will mitigate close to 100% of ransonware attacks. -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
Don't think a firewall / router is going to give you any sort of protection against ransomware attacks. Even if is able to block dodgy sites it's of little use against that memory stick someone just dropped. Regards, Marco On 15/06/2021 18:12, gvim via GLLUG wrote: Didn't OpenWRT have some security holes a while back? I'm trying to sell clients on a first line of defence against potential ransomware attacks so I need something rock solid. gvim On 14/06/2021 17:02, Travis Mooney via GLLUG wrote: There are off the shelf OpenWRT routers. I use: * Turris Omnia as edge routers: https://www.turris.com/en/omnia/overview/ * GL iNet Convexa-B as access points Both work well, and are native OpenWRT solutions. The Omnia is a bit expensive, but you could just stick with GL iNet devices if cost is a problem. Kind regards, travis On 14/06/2021 16:56, Peter Grant via GLLUG wrote: On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG mailto:gllug@mailman.lug.org.uk>> wrote: On 2021-06-14 15:42, gvim via GLLUG wrote: > With ransomeware becoming a threat to both small and large businesses > I'm inclined to advise small businesses to change their router as a > first line of defence. What is currently the best NIX-based > router/software? pfSense? If I was installing such a thing at a customer site I would first suggest a reasonable off the shelf product rather than a custom built black box. I have run pfsense very happily at work (and home) for many years - it's nicely comprehensive and easy to use. Netgate (owners of pfsense) make some devices with pfsense preinstalled, which I can't speak from much experience with. Until we moved office and I got the budget to replace it, we have an old Pentium dual core Dell desktop running pfsense. Peter -- ** Travis Mooney-Evans tra...@mooney-evans.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
Didn't OpenWRT have some security holes a while back? I'm trying to sell clients on a first line of defence against potential ransomware attacks so I need something rock solid. gvim On 14/06/2021 17:02, Travis Mooney via GLLUG wrote: There are off the shelf OpenWRT routers. I use: * Turris Omnia as edge routers: https://www.turris.com/en/omnia/overview/ * GL iNet Convexa-B as access points Both work well, and are native OpenWRT solutions. The Omnia is a bit expensive, but you could just stick with GL iNet devices if cost is a problem. Kind regards, travis On 14/06/2021 16:56, Peter Grant via GLLUG wrote: On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG mailto:gllug@mailman.lug.org.uk>> wrote: On 2021-06-14 15:42, gvim via GLLUG wrote: > With ransomeware becoming a threat to both small and large businesses > I'm inclined to advise small businesses to change their router as a > first line of defence. What is currently the best NIX-based > router/software? pfSense? If I was installing such a thing at a customer site I would first suggest a reasonable off the shelf product rather than a custom built black box. I have run pfsense very happily at work (and home) for many years - it's nicely comprehensive and easy to use. Netgate (owners of pfsense) make some devices with pfsense preinstalled, which I can't speak from much experience with. Until we moved office and I got the budget to replace it, we have an old Pentium dual core Dell desktop running pfsense. Peter -- ** Travis Mooney-Evans tra...@mooney-evans.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
OPNSense. We used to be a pfsense reseller but they IMHO went psychotic a few years ago. Product OK though... except for the Wireguard nonsense. OPNSense is good. On 14/06/2021 16:42, gvim via GLLUG wrote: With ransomeware becoming a threat to both small and large businesses I'm inclined to advise small businesses to change their router as a first line of defence. What is currently the best NIX-based router/software? pfSense? gvim -- Stabilys Ltdwww.stabilys.com 244 Kilburn Lane LONDON W10 4BA 0845 838 5370 -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
There are off the shelf OpenWRT routers. I use: * Turris Omnia as edge routers: https://www.turris.com/en/omnia/overview/ * GL iNet Convexa-B as access points Both work well, and are native OpenWRT solutions. The Omnia is a bit expensive, but you could just stick with GL iNet devices if cost is a problem. Kind regards, travis On 14/06/2021 16:56, Peter Grant via GLLUG wrote: > > On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG > mailto:gllug@mailman.lug.org.uk>> wrote: > > On 2021-06-14 15:42, gvim via GLLUG wrote: > > With ransomeware becoming a threat to both small and large > businesses > > I'm inclined to advise small businesses to change their router as a > > first line of defence. What is currently the best NIX-based > > router/software? pfSense? > > If I was installing such a thing at a customer site I would first > suggest a reasonable off the shelf product rather than a custom built > black box. > > > I have run pfsense very happily at work (and home) for many years - > it's nicely comprehensive and easy to use. Netgate (owners of pfsense) > make some devices with pfsense preinstalled, which I can't speak from > much experience with. Until we moved office and I got the budget to > replace it, we have an old Pentium dual core Dell desktop running > pfsense. > Peter > > -- ** Travis Mooney-Evans tra...@mooney-evans.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG < gllug@mailman.lug.org.uk> wrote: > On 2021-06-14 15:42, gvim via GLLUG wrote: > > With ransomeware becoming a threat to both small and large businesses > > I'm inclined to advise small businesses to change their router as a > > first line of defence. What is currently the best NIX-based > > router/software? pfSense? > > If I was installing such a thing at a customer site I would first > suggest a reasonable off the shelf product rather than a custom built > black box. > I have run pfsense very happily at work (and home) for many years - it's nicely comprehensive and easy to use. Netgate (owners of pfsense) make some devices with pfsense preinstalled, which I can't speak from much experience with. Until we moved office and I got the budget to replace it, we have an old Pentium dual core Dell desktop running pfsense. Peter -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
On 2021-06-14 15:42, gvim via GLLUG wrote: With ransomeware becoming a threat to both small and large businesses I'm inclined to advise small businesses to change their router as a first line of defence. What is currently the best NIX-based router/software? pfSense? If I was installing such a thing at a customer site I would first suggest a reasonable off the shelf product rather than a custom built black box. -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
[GLLUG] Best NIX-based router/software for a small business network
With ransomeware becoming a threat to both small and large businesses I'm inclined to advise small businesses to change their router as a first line of defence. What is currently the best NIX-based router/software? pfSense? gvim -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
