Fixing a Hobbled together Network
-
Hello. I'm new here. Over the years I've hobbled together a network and I'm no networking guy, more of a software guy. Anyway, looking for any advice on how to set things up. After adding lots of wireless devices, a MythTV server, a mail server, a webserver, several PCs and a couple of laptops, things are on a downward spiral. The attacks on my mailserver and webserver are constant. I use fail2ban and country block to get rid of most of it; however, I do see outages more frequently, where pings are reported by Nagios as taking 500 ms.
I'm going to put together a four port appliance with pfSense. One to the WAN, one to wireless, one to my mail/webserver and one to general pc use and media devices. How best to go about this I don't know. Any advice would be appreciated. I understand the concepts of VLAN, Subnets, etc, just don't know what is the best approach.
Thanks!
-
You can block known malicious IPs with pfBlockerNG to help protect your open WAN ports:
https://forum.pfsense.org/index.php?topic=86212.0
I've also written a script to import 50+ feeds:
https://forum.pfsense.org/index.php?topic=86212.msg508975#msg508975
-
Has anyone taken fail2ban and pushed the jailed IPs to pfSense? It does a pretty good job of detecting hacks on the system. Only problem is I want to move the IP filtering off of my server and onto a pfSense appliance.
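
Added example, not part of the thread or of fail2ban/pfSense: one way to turn fail2ban's own log into a list a firewall can import, by replaying Ban/Unban events and writing the still-banned addresses one per line. It assumes the standard `fail2ban.actions` log line format and that the pfSense side pulls the file as a URL table alias; the function names, the `never_block` ranges and the sample log are constructed for illustration.

```python
import ipaddress
import re

# Matches fail2ban.log action lines with or without the "[pid]" field.
ACTION_RE = re.compile(
    r"fail2ban\.actions\s*(?:\[\d+\])?:\s+\w+\s+\[([^\]]+)\]\s+"
    r"(?:Restore\s+)?(Ban|Unban)\s+(\S+)"
)

def banned_ips(log_lines, never_block=("192.168.0.0/16", "10.0.0.0/8")):
    """Replay Ban/Unban events in order; return addresses still banned by any jail."""
    keep = [ipaddress.ip_network(n) for n in never_block]
    active = {}  # address -> set of jails currently holding a ban on it
    for line in log_lines:
        m = ACTION_RE.search(line)
        if not m:
            continue
        jail, action, raw = m.groups()
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            continue  # not an IP literal: skip rather than export junk
        if action == "Ban":
            active.setdefault(ip, set()).add(jail)
        elif ip in active:
            active[ip].discard(jail)
            if not active[ip]:
                del active[ip]
    # Never export your own ranges: one false positive would lock out the LAN.
    out = [ip for ip in active if not any(ip in net for net in keep)]
    return sorted(out, key=lambda a: (a.version, int(a)))

def render_list(ips):
    """One address per line, the plain-text form a firewall alias list can import."""
    return "".join(f"{ip}\n" for ip in ips)

# Constructed sample log (documentation address ranges), not real data.
SAMPLE_LOG = """\
2015-03-01 12:00:01,123 fail2ban.actions[812]: NOTICE [postfix] Ban 203.0.113.7
2015-03-01 12:00:05,001 fail2ban.actions: WARNING [apache-auth] Ban 198.51.100.23
2015-03-01 12:01:00,500 fail2ban.actions[812]: NOTICE [postfix] Ban 192.168.1.50
2015-03-01 12:02:00,000 fail2ban.actions[812]: NOTICE [sshd] Ban 203.0.113.7
2015-03-01 12:03:00,000 fail2ban.actions[812]: NOTICE [sshd] 203.0.113.7 already banned
2015-03-01 12:10:05,001 fail2ban.actions: WARNING [apache-auth] Unban 198.51.100.23
2015-03-01 12:10:06,000 fail2ban.actions[812]: NOTICE [postfix] Unban 203.0.113.7
2015-03-01 12:11:00,000 fail2ban.actions[812]: NOTICE [sshd] Ban 2001:db8::bad
"""
if __name__ == "__main__":
    print(render_list(banned_ips(SAMPLE_LOG.splitlines())), end="")
```

In the sample, 203.0.113.7 stays listed after the postfix unban because the sshd jail still holds it, and the LAN address is dropped before export.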