Help Needed - Beginners Guide to Securing v2.0 new install



  • Newbie here… Ive been trying the competition IpCop, Untangle and now pfsense

    I must say I am impressed with the professionalism, look and feel of the install. Ive had to grow away from the $50-100 router / firewall boxes due to suspected intrusions / attacks we have been experiencing, 12 of us on our system at peak times and 2 running farmville all the time and 4 or more running games like warcraft and the online heavy shooter type games. We were experiencing ultra high ping times playing the games and kids always complaining about lagging and was thinking someone they were playing against was doing a ping attack or denyal of service thing, I dont know for sure, so I decided to go figure out this homegrown firewall router thing. Also we recently were notified by ATT that they would soon be charging more for excessive bandwidth usage of over 150 gigs per month, we were also informed and looked at a chart supplied by them that we had used up to 300 gigs and exceeded out limits on like 3 of the last 4 months. So I need to find out who the bandwidth hogs are in the house and limit or throttle or unplug their access :) until they can learn to constrain themselves.

    So...

    Ok guys/gals, I just installed pfsense yesterday and it looks really good, got the basics running, changed the web gui password at system > setup wizard.

    All seems to be running fine, found my way to BandwidthD and installed that package, looks like a neat tool.

    So Ive changed the web gui pwd is there a root pwd that needs to be changed in the pfsense box for BSD? I dont want some mischevious kid gaining access and causing more trouble...

    What Im really looking for is a few starter tips for someone in my situation, pointers please?

    Thanks

    George (Busy, tired and overwhelmed dad)



  • You do not need to change the root password. The root password is the admin password you setup in the GUI.
    As far as starter Tips go…

    • You can track bandwidth usage with iftop or in the GUI under status->traffic graph

    • To reduce lag get top notch gig NICs. The cheap stuff has always caused problems

    • You can track overall bandwidth usage with the RRD graphs.

    • To have DNS working completely have DHCP register DNS entries under Services->DNS forwarder

    • Port forwarding is completely different than IPcop. Start your port forward entries in Firewall->NAT

    The final tip I have is to check the forums. Everything you need to know about gaming with pfsense and problems you may run into are documented within the forum and the wiki.
    Also dump your ISP. Find an ISP that doesn't limit your usage. You're paying for it so why should you pay more for your bandwidth.


Locked