Basic Understanding Of ipguard-dev
-
A few simple questions, nothing terrible I think.
1. "Important Note: Always create rules for pfsense mac and ip address to avoid denying access to pfsense gui."? Would this be my Lan Mac address or does Pfsense have a special mac address?
2. When should I choose Wan or Lan and why? For instance, if I wanted to add my subnet so that it will not be blocked. Does it matter if it's on the Wan or Lan side? I'm also wondering if choosing the wrong interface will make me vulnerable.
That's about it for now. I know there was another topic on it but it looked as if my question was a little too simplistic so I chose to create a new one to avoid throwing mud on the other well developed topic.
Thank you sirs.
-
Through trial and error, I have found that if I use the wan interface IP + Mac address it will open my firewall up and I was very lucky to shut it down before a hacker took control of everything. Basically, I have a router/firewall from my isp that connects to my pfsense box and then it connects to my computer from the Lan side. The attack that I experienced almost immediately which just shows you how vicious these hackers can be. Somehow they punched right through everything using my wan ip address and attacked port 5022 which I looked up and it's called a mice server. Apparently it's main vulnerability is that it can be used for denial of service attacks. Besides that everything else was fine. As soon as I removed my wan ip address coming off the isp router it immediately started blocking 1 ip address from France and 2 ip addresses from the United States. But yes, ipguard-dev is a very serious tool and if there is any real documentation on it could someone please point me to the right direction.