Skip to main content

Posts

Showing posts with the label security

pfsense: Create multiple vLAN and segregate traffic

pfsense: Create multiple vLAN and segregate traffic Summary pfSense is an excellent product and can be customised better than professional devices available from large vendors. pfSense is open-source, can be installed into an old laptop or Mini-PC and can scale from home lab setup to medium-large enterprises. This article focus on Creating "multiple LAN segments" within your home network, thus segregating traffic for different type of devices Pre-Reqs device with pfsense installed. I have installed pfsense in an OLD laptop with 2 ethernet ports VLAN switch  with ability to Securely separate networks (VLAN) (New type of plus switches are cheaper around £20/$30 for 8 ports) Quite few Ethernet cables (short lengths would be perfect) Setup within pfsense The settings are divided mainly into 3 parts Creation of VLANs (For instance I've created 3 VLANs as below). The VLAN tag is quite important setting which is used to filter within the Switch Configuration of VLANs (eg shown

Setup VPN protected Private Wifi out of Public Wifi

Setup VPN secured Private Wifi from Public Wifi A word on Privacy While you are travelling, it is essential that you connect your mobile phone or laptop to Public Wifi especially in Airports, Hotels, Cafe's, Malls etc. Remember quite a lot of your personal information is exposed by such direct connections and is quintessential you isolate your personal device from public Wifi even if you have VPN. It is recommended to turn-off WiFi , BlueTooth during the course of journey but until unless you need it. What are we trying to do So the aim of this article is to ensure that you detach your device from public network as below.  So using the GL.inet device, we will  Accept a Public Network connection (WAN) via wired or wireless Apply VPN settings Create a separate Private Network (LAN) which your personal devices can connect to Pre-Reqs OpenWRT based devices (such as GL-MT300N , GL-MT1300 Beryl etc LAN cable (for first time setup) is highly recommended VPN connection (eg NORDVPN, SurfS

Encrypted Filesystem - Virtual filesystem with folder, file and content encryption

Linux is wonderful when it comes to security aspects and data protection. My challenge was Laptop having personal details in files and folders Have to encrypt these data so that if laptop is lost, the data shouldn't be replicated Have to use "git" to backup the data normally and version it Solution for Linux Design your folder/directory structure Ensure that all your personal files are well structured Ensure all files are put into a single directory/folder hierarchy  (eg "/home/myuser/personal/") Setting up encfs In Ubuntu, run  sudo apt-get install encfs Encrypted Directory and Mount location encDir="/home/diaryfolio/Docs/encr" # Where encrypted files are stored mntDir="/home/diaryfolio/Docs/mydocs" # Mount created # Create encrypted directory and mount directory encfs $encDir $mntDir # Press Enter which uses default encryption # Provide a strong password and REMEMBER it in future # C