Orphys Security Configuration

Status
Not open for further replies.
Wow, that's a nice home lab you have there. :cool:

Just curious, do you need to pay for a subscription for your Cisco Firepower?

Thanks! I actually got my company to give me a Cisco 5506-x (replacement for the 5505) ASA with Firepower+AMP for home use/lab work, but yes, I pay yearly through the company for SMARTnet. That is why I dual firewall with open-source pfSense and SNORT (which Firepower is basically SNORT anyway). :)

I love to compare them as well and so far... Firepower (formerly Sourcefire) is just like a harder-to-use version of pfSense/SNORT OOB. AMP on the other hand is freaking awesome! Love me some Talos!
 
Very nice setup. I would remember to use a VPN while testing malware samples, but I'm pretty sure you are aware of that :)
 
Your config reminds me of something like a space shield ;)
Seriously, nice setup you got there, thanks for sharing :)

Just because you're paranoid doesn't mean they're not out to get you! :) lol, I know it looks like overkill but I do a lot of Security work professionally and for fun so safety first!

Very nice setup. I would remember to use a VPN while testing malware samples, but I'm pretty sure you are aware of that :)

Hehe.
I used PIA for general internet, another VPN for other items, Cisco AnyConnect for work, and I block Tor_Exit Nodes at my gateway using Firepower ThreatGrid along with known malware IPs, botnets, CnC, and of course the first thing I do is country block Russia, China and a few Skiddie playgrounds. :)

Is that Sophos Home or another product?

Sophos Enterprise, our contract lets us have a home office use license called Standalone. The new Sophos Home Beta is garbage!

Probably won't be getting any of those for myself, too high a cost for me.

Guess a pfSense would be sufficient for me. :(

pfSense is literally much simpler as you don't need a CnC Console like I have to have for Firepower running in VMware ESXi (you can use ASA's built-in ASDM to manage but it uses freaking JAVA!!!!)
 
I like ur config that's what I call prevention security service.
block everything before they reach ur PC
but very expensive i think:/

Thanks, I believe in DiD for sure! People don't even understand how much pain a simple IPS can save you by blocking known bad rep IPs, especially Tor Exit Nodes.
 
I think with that firewall and snort u don't even need vs or Sophos as real-time protection.
i tried to install snort but it's hard for me couldn't do it lol
 
I think with that firewall and snort u don't even need vs or Sophos as real-time protection.
i tried to install snort but it's hard for me couldn't do it lol

Older pfSense was a little tricky but it's pretty great now as you just enable the SNORT plug-in and get yourself an Oink Code.

After that it's filtering false positives and you're golden. It was very daunting when I first started out for sure!
 
thnx for the info
but pfsense isn't free like snort right?
 
thnx for the link, I think it's like Sophos UTM:D and I like a firewall with ips and ids

as I said I can't install this software:/
just read the Installation guide:p hard like snort
Installing pfSense - PFSenseDocs
very hard installation IDK why they don't do it in an easy way
 