Re: [GLLUG] Best NIX-based router/software for a small business network
I think every platform has security vulnerabilities. I'm not aware of anything super significant for OpenWRT as opposed to any other release (meaning, they all have their problems). Of course, if you're on the vendor-supplied version and not the main release, you're still waiting for them to get out the updates. Anything that isn't getting updated is going to have vulnerabilities. That's why I tend to go for devices that are designed for the release -- you're in a better position for updates, even if the vendor can't be bothered. BTW, the GL iNet link for the Convexa-B is https://www.gl-inet.com/products/gl-b1300/ T On 15/06/2021 18:12, gvim via GLLUG wrote: > Didn't OpenWRT have some security holes a while back? I'm trying to > sell clients on a first line of defence against potential ransomware > attacks so I need something rock solid. > > gvim > > > On 14/06/2021 17:02, Travis Mooney via GLLUG wrote: >> There are off the shelf OpenWRT routers. I use: >> >> * Turris Omnia as edge routers: >> https://www.turris.com/en/omnia/overview/ >> * GL iNet Convexa-B as access points >> >> Both work well, and are native OpenWRT solutions. The Omnia is a bit >> expensive, but you could just stick with GL iNet devices if cost is a >> problem. >> >> Kind regards, >> >> travis >> >> On 14/06/2021 16:56, Peter Grant via GLLUG wrote: >>> >>> On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG >>> mailto:gllug@mailman.lug.org.uk>> wrote: >>> >>> On 2021-06-14 15:42, gvim via GLLUG wrote: >>> > With ransomeware becoming a threat to both small and large >>> businesses >>> > I'm inclined to advise small businesses to change their router >>> as a >>> > first line of defence. What is currently the best NIX-based >>> > router/software? pfSense? >>> >>> If I was installing such a thing at a customer site I would first >>> suggest a reasonable off the shelf product rather than a custom >>> built >>> black box. >>> >>> >>> I have run pfsense very happily at work (and home) for many years - >>> it's nicely comprehensive and easy to use. Netgate (owners of >>> pfsense) make some devices with pfsense preinstalled, which I can't >>> speak from much experience with. Until we moved office and I got the >>> budget to replace it, we have an old Pentium dual core Dell desktop >>> running pfsense. >>> Peter >>> >>> >> -- >> ** >> >> Travis Mooney-Evans >> tra...@mooney-evans.com >> +447908631440 >> Skype: ttmooney >> >> > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- ** Travis Mooney-Evans tra...@mooney-evans.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Best NIX-based router/software for a small business network
There are off the shelf OpenWRT routers. I use: * Turris Omnia as edge routers: https://www.turris.com/en/omnia/overview/ * GL iNet Convexa-B as access points Both work well, and are native OpenWRT solutions. The Omnia is a bit expensive, but you could just stick with GL iNet devices if cost is a problem. Kind regards, travis On 14/06/2021 16:56, Peter Grant via GLLUG wrote: > > On Mon, 14 Jun 2021 at 16:43, Martin A. Brooks via GLLUG > mailto:gllug@mailman.lug.org.uk>> wrote: > > On 2021-06-14 15:42, gvim via GLLUG wrote: > > With ransomeware becoming a threat to both small and large > businesses > > I'm inclined to advise small businesses to change their router as a > > first line of defence. What is currently the best NIX-based > > router/software? pfSense? > > If I was installing such a thing at a customer site I would first > suggest a reasonable off the shelf product rather than a custom built > black box. > > > I have run pfsense very happily at work (and home) for many years - > it's nicely comprehensive and easy to use. Netgate (owners of pfsense) > make some devices with pfsense preinstalled, which I can't speak from > much experience with. Until we moved office and I got the budget to > replace it, we have an old Pentium dual core Dell desktop running > pfsense. > Peter > > -- ** Travis Mooney-Evans tra...@mooney-evans.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Intro and network drive
Hey Davide — If that’s the case you should see it with mdns-scan. I don’t use Gnome 3 (still on Mate) but I’d expect it to pick up the share from zeroconf as well. T ** Travis Mooney-Evans Writer - Photographer - Technologist tra...@mooney-evans.com +447908631440 Skype: ttmooney > On 23 Mar 2020, at 14:27, Davide Giannella via GLLUG > wrote: > > On 23/03/2020 11:05, Travis Mooney wrote: >> Are any other computers/devices successfully >> connecting? > > You mean any other computer connecting to the disk? If so, I can easily plug > the same way into a MBP (OS X) and then from finder use the `Go->Connect to > server->smb://Networkspacemax.local/MyShare`. The disk is visible from the > Finder sidebar once it boots completely. > > Davide > > -- > GLLUG mailing list > GLLUG@mailman.lug.org.uk > https://mailman.lug.org.uk/mailman/listinfo/gllug -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Intro and network drive
Hey Davide -- You can use mdns-scan to see what's advertised by zeroconf/bonjour/avahi. Normally if the shares are broadcast by zeroconf, you would see them in Nautilus automatically. Are any other computers/devices successfully connecting? Kind regards, travis On 23/03/2020 10:28, Davide Giannella via GLLUG wrote: > On 21/03/2020 22:42, John Hearns wrote: >> Connect the Lacie to your home router. >> >> Connect the ethernet port on your USB-C adapter to the home router. >> Switch off the wireless interface on your laptop. >> Bring up the ethernet interface. >> You can either log into your wireless router web interface and display >> what devices are attached >> Or pin the broadcast address of the subnet - which is usually >> 192.168.1.255 >> You should then find your Lacie device and be talking to it at >> whatever the line speed is on your router ethernet ports. >> Hopefully gigabit. > +1 > thanks again. > Will post once solved. I will look as well in the zeroconf/bojour > approach. Just for the sake of exercise and learning. > > D. > > -- ** Travis Mooney-Evans ttmoo...@ttmooney.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug
Re: [GLLUG] Useful little cute box full of IP glue
MeJ (and everyone) -- The GL iNet routers are pretty good. I use these as APs: https://www.gl-inet.com/products/gl-b1300/ Also available in a PoE version (which I need to remember to order for the office). And my travel MiFi is also by GL iNet: https://www.gl-inet.com/products/gl-mifi/ No relation to the company. Just happy to support affordable OpenWRT mainline equipment suppliers! Kind regards, travis PS -- I also have a Turis Omnia as edge routers at home and the office, but that's a whole other class of affordability! On 06/02/2020 09:35, James Roberts via GLLUG wrote: > I don't normally recommend anything, but I have just run into a neat > little device that has solved a problem for me, so I thought I'd mention > it on-list in case it can help someone else. > > I'm just a happy user: no connection with the product otherwise. > > I am using it to solve a VoIP problem I have had running an extension to > our new hosted VoIP from a residential 4G connection in very rural Spain > (we used to have WiMAX with a fixed IP - but no more, just 4G but quite > fast). > > It's tunnelling my phone using a commercial VPN provider and bypassing > inward VoIP blocking. Not against their T&C or anything, I suspect it's > just blocked because it's 4G to protect their network, outgoing ports > work but I receive no voice :) > > This solution has stopped me banging my head against the wall trying to > run various simultaneous different and colliding VPNs from my otherwise > very good firewall. It just works. > > Anyway the device is this: > > https://www.gl-inet.com/products/gl-mt300n-v2/ > > Available from e.g. Amazon worldwide. > > It's got WiFi and two NICs and USB and micro-USB power, and runs OpenWRT > which is accessible at the second menu level and so it's highly > tweakable: not that I have had to tweak it... it has many VPN providers > pre-set and supports OpenVPN and Wireguard. > > I paid €24 for one, at that price it can glue lots of stuff together. > > Just thought I'd mention it. It's not a recommendation as such - it > might break in a week - but I doubt it. > > There's various other models. > > And it's cute :) > > MeJ > -- ** Travis Mooney-Evans ttmoo...@ttmooney.com +447908631440 Skype: ttmooney -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug