Verifying a secure and private network?



  • I have my pfSense configured pretty good…thank you to all on this forum who have help! I really appreciate the help...pfSense rocks!

    How do I know it is secure and private? What are some fundamental checks and tests I can do?

    1. No DNS Leaks/Key traffic thru VPN - All good! used dnsleaktest.com
    2. Fixed IPs for clients/Deny unknown clients - Services->DHCP Server->Interface->Deny Unknown Clients...I think certificates and rRadius can help me further.
    3. pfBlocker with custom lists - More then my share of alerts
    4. Snort - Again more alerts! Constantly being refined
    5. Seperate VLANs - ???
    6. Restricted rules - Thanks all!
      etc...

    My specific questions are:
    a)How can I verify that my VLANs are indeed isolated?
    b)How can I verify my shady printer on VLAN 10(IOT) can't talk to my pfSEnse GUI or my Native VLAN?
    c)My Native VLAN used to admin my AP/Switch/pfSense GUI is not leaking?
    d)My ARP table isn't "poisened"?
    e)My wife is being faithful?....well that one is all on me, you can't help me there!
    f)Other basic trouble shooting/verifications I should do?
    ...what results should I look for to verify all is good in Rome!

    I still have more work to do but any direction/help would be surely appreciated...

    V


  • Netgate

    Wireshark.



  • Awesome thank you! Any checks I can do within pfSense?


  • Netgate

    Diagnostics > Packet Capture.