Orphys Security Configuration

orphyone · May 11, 2017

Just what I am running....

frogboy · May 11, 2017

Looks good to me, nothing to add.

Thanks for sharing with us here at MT.

orphyone · May 11, 2017

frogboy said:
Looks good to me, nothing to add.

Thanks for sharing with us here at MT.

That is what I like to hear! Sometime will want to share my full pen-test lab/honeynet setup...

generalwu · May 11, 2017

Wow, that's a nice home lab you have there.

Just curious, do you need to pay for subscription for your Cisco Firepower?

orphyone · May 11, 2017

generalwu said:
Wow, that's a nice home lab you have there.

Just curious, do you need to pay for subscription for your Cisco Firepower?

Thanks! I actually got company to give me a Cisco 5506-x (replacement for the 5505) ASA with Firepower+AMP for home use/lab work but yes I pay yearly through company for SMARTnet. That is why I dual Firewall with open-source pfsense and SNORT (which Firepower is basically SNORT anyway).

I love to compare them as well and so far... Firepower (formally Sourcefire) is just like a harder to use version of Pfsense/SNORT OOB. AMP on the other hand is freaking awesome! Love me some Talos!

Winter Soldier · May 12, 2017

Your config reminds me of something like a space shield

Seriously, nice setup you got there, thanks for sharing

generalwu · May 12, 2017

Probably won't be getting any of those for myself, too high a cost for me.

Guess a pfSense would be sufficient for me.

Ink · May 12, 2017

Is that Sophos Home or another product?

brod56 · May 12, 2017

Very nice setup. I would remember to use a VPN while testing malware samples, but I'm pretty sure you are aware of that

orphyone · May 12, 2017

Winter Soldier said:
Your config reminds me of something like a space shield
Seriously, nice setup you got there, thanks for sharing

Just because you're paranoid doesn't mean they're not out to get you!

lol, I know it looks like overkill but I do a lot of Security work professionally and for fun so safety first!

brod56 said:
Very nice setup. I would remember to use a VPN while testing malware samples, but I'm pretty sure you are aware of that

Hehe.
I used PIA for general internet, another VPN for other items, Cisco AnyConnect for work and I block Tor_Exit Nodes at my Gateway using Firepower ThreatGrid along with known Malware IP's, Botnets, CnC and of course first thing I do is country block Russia, China and a few Skiddie playgrounds.

Spawn said:
Is that Sophos Home or another product?

Sophos Enterprise, our contract lets us have a home office use license called Standalone. The new Sophos Home Beta is garbage!

generalwu said:
Probably won't be getting any of those for myself, too high a cost for me.

Guess a pfSense would be sufficient for me.

Pfsense is literally much simpler as you don't need a CnC Console like I have to have for Firepower running in VMWare ESXi (you can use ASA's built in ASDM to manage but it uses freaking JAVA!!!!

Sunshine-boy · May 12, 2017

I like ur config that's what I call prevention security service.
block everything before they reach ur PC
but very expensive i think:/

orphyone · May 12, 2017

public enemy said:
I like ur config that's what I call prevention security service.
block everything before they reach ur PC
but very expensive i think:/

Thanks, I believe in DiD for sure! People don't even understand how much pain a simple IPS can save you by blocking known bad rep IP's especially Tor Exit Nodes.

Sunshine-boy · May 12, 2017

I think with that firewall and snort u don't even need vs or Sophos as real-time protection.
i tried to install snort but it's hard for me couldn't do it lol

orphyone · May 12, 2017

public enemy said:
I think with that firewall and snort u don't even need vs or Sophos as real-time protection.
i tried to install snort but it's hard for me couldn't do it lol

Older pfSense was a little tricky but it's pretty great now as you just enable the SNORT plug in and get yourself an Oink Code.

After that it's filtering false positives and your golden. It was very daunting when I first started out for sure!

Sunshine-boy · May 12, 2017

thnx for the info
but pfsense isn't free like snort right?

orphyone · May 12, 2017

public enemy said:
thnx for the info
but pfsense isn't free like snort right?

Totally free, it's the awesome!

Get you some!

pfSense® - World's Most Trusted Open Source Firewall

Sunshine-boy · May 12, 2017

thnx for the link, I think it's like Sophos UTM

and I like a firewall with ips and ids

as I said I can't install these software's:/
just read the Installation guide

hard like snort
Installing pfSense - PFSenseDocs
very hard installation IDK why they don't do it in an easy way

Exterminator · May 13, 2017

Secure Windows 10 config! Thanks for sharing it with us

orphyone · May 13, 2017

Exterminator said:
Secure Windows 10 config! Thanks for sharing it with us

Thanks! I need to share my pen-test lab/security testing lab/work labs sometime. They are pretty nice!

JM Safe · May 15, 2017

Nothing to add here, congrats!

You are protected.

Thanks for sharing.

Orphys Security Configuration

Level 1

In memoriam 1961-2018

Level 1

Level 5

Level 1

Level 25

Level 5

Administrator

Level 15

Level 1

Level 28

Level 1

Level 28

Level 1

Level 28

Level 1

Level 28

Level 85

Level 1

Level 39

Similar threads