top | item 46038113

(no title)

aerzen | 3 months ago

Is there some software I can run on my OpenWrt to detect suspicious traffic?

I guess the big problem here is analysis, because a modern home network moves a massive amount of traffic, to many endpoints.

discuss

sekh60|3 months ago

I use vyos instead of OpenWRT, but I'd presume OpenWRT can mirror a port? It'd be better to do it on your switch of course. But you could mirror your traffic going across the LAN-WAN barrier and direct it to a security onion install, it's an opensource IDS. It has pretty heavy demands, but traffic analysis is not an easy, computationally cheap task.

petee|3 months ago

Ubiquiti uses Suricata on some of their routers, which i thought i recall someone saying are WRT based