
Need advice on upgrading security at work for our servers.

post #1 of 9
Thread Starter 
So I float to a lot of positions and have recently been tasked with setting up the network security, and my boss wants to be notified whenever an outside IP tries to connect or "hack" our intranet and have it emailed to him/me. Any way to do this using our current available equipment? That consists of a Linksys AC1200 router, 2 basic switches (no functionality as far as security), and two servers, one Ubuntu and the other Windows Server 2016. We use a lot of Python scripting to accomplish stuff, so I'm thinking that will also be needed here, but not sure if anyone has a better idea.

If a script is the only way forward, please point me in the right direction, as I'm familiar with Python, just have not done a lot of network scripting with it. Thanks for any help, much appreciated.
post #2 of 9
You can watch for failed remote access attempts and email the information from that. A Python script for that would be pretty straightforward. There are plenty of devices that offer this, but most of the time you'll see only false alerts.

You would be looking more in log monitoring than scripting though.
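The approach suggested in the post above (watch failed remote access attempts and email the result), as an added example that is not part of the original thread. It assumes OpenSSH entries in the Ubuntu server's `/var/log/auth.log`; the LAN range, the mail addresses and the threshold of 3 are assumptions, and the threshold is there to cut the noise the replies warn about.

```python
import ipaddress
import re
from collections import Counter
from email.message import EmailMessage

# Constructed sample of OpenSSH lines as found in Ubuntu's /var/log/auth.log.
SAMPLE_LOG = """\
Apr  5 14:01:11 srv1 sshd[2211]: Failed password for root from 203.0.113.45 port 51234 ssh2
Apr  5 14:01:13 srv1 sshd[2211]: Failed password for root from 203.0.113.45 port 51236 ssh2
Apr  5 14:01:16 srv1 sshd[2213]: Failed password for invalid user admin from 203.0.113.45 port 51240 ssh2
Apr  5 14:02:40 srv1 sshd[2290]: Failed password for bob from 192.168.1.23 port 40022 ssh2
Apr  5 14:03:02 srv1 sshd[2301]: Accepted password for bob from 192.168.1.23 port 40030 ssh2
Apr  5 14:07:55 srv1 sshd[2342]: Failed password for invalid user test from 198.51.100.7 port 33990 ssh2
"""

# Assumption: the office LAN range; sources outside it count as "outside".
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "127.0.0.0/8")]

# Greedy user field + end anchor: the last "from <ip> port" wins, so a crafted username cannot hide the source.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?.* from (\S+) port \d+ ssh2$")

def external_failures(log_text):
    """Count failed SSH logins per outside source IP."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # not an IP literal; skip rather than guess
        if not any(ip in net for net in INTERNAL_NETS):
            counts[str(ip)] += 1
    return counts

def build_alert(counts, threshold=3, sender="ids@example.com", to="boss@example.com"):
    """Return one digest EmailMessage for sources at or above threshold, else None."""
    noisy = {ip: n for ip, n in counts.items() if n >= threshold}
    if not noisy:
        return None
    msg = EmailMessage()
    msg["Subject"] = f"SSH failed-login digest: {len(noisy)} outside source(s)"
    msg["From"], msg["To"] = sender, to
    msg.set_content("\n".join(f"{ip}: {n} failed logins" for ip, n in sorted(noisy.items())))
    return msg

if __name__ == "__main__":
    print(build_alert(external_failures(SAMPLE_LOG)))
```

Delivery is left out so the block runs offline; `smtplib.SMTP(...).send_message(msg)` against your own mail relay would send the digest.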
post #3 of 9
You can do something like pfSense with Snort, but for nearly the first year you will have a lot of false positives. And after that it will mainly be bots and other random junk.

Honestly, your boss will be getting a lot of junk emails regardless of what you choose to use.

You are using home-level networking equipment to start off with. Unless you have a good $1000+ budget, or at least enough budget to get a pfSense router and at least a smart switch to start off with, then this entire endeavor is pointless.

First thing that should be done is getting a proper business-level NAT (firewall), and pfSense will do that. Second would be to have independent VLANs for guest and non-guest networks, along with two wireless APs for those roles (or a single AP that can handle two VLANs, pretty much not home-grade stuff; Ubiquiti is a perfect choice). Another idea would be computer-level security packages too.
Edited by DzillaXx - 4/5/17 at 3:00pm
post #4 of 9
Thread Starter 
Thanks y'all for the advice. I kinda assumed the same in regards to false positives. I'll look into pfSense and a proper firewall. Maybe I'll get something going as a test to show him it's pointless. Plus rep
post #5 of 9
Quote:
Originally Posted by Dimaggio1103 View Post

Thanks y'all for the advice. I kinda assumed the same in regards to false positives. I'll look into pfSense and a proper firewall. Maybe I'll get something going as a test to show him it's pointless. Plus rep

I wouldn't say pointless. Having a secure firewall (NAT) is a good thing, especially if that has content filtering. Blocking unwanted connections to known bad sites and other IPs is a good thing. Having a router that runs AV software on a router level is never a bad idea.

Running a business behind home-grade equipment is not always the best. Things like UPnP should at least be turned off on the Linksys you have.

But like I said, try to get a real budget. If you have a budget to work with we can help you more in depth.
post #6 of 9
Thread Starter 
Thanks, I think I have figured out a way and wanna run it by y'all. I looked at pfSense and noticed it can be run on a PC or VM. Our servers have dual NICs, one Linux and one Windows. Either I can run a VM on the Windows one and have the NIC be a pass-through, or I can build an extra PC from parts here and have a completely separate pfSense PC. I'm sure he will prefer it to be on a VM to limit the servers we need. Does this sound like I'm on the right path?

EDIT: Was just informed that if I can get this working for now it's great, but a budget will soon be allocated to upgrade everything, so if y'all are feeling extra helpful, got a basic list for what we will be looking at getting when it's time?
Edited by Dimaggio1103 - 4/6/17 at 11:00am
post #7 of 9
Quote:
Originally Posted by Dimaggio1103 View Post

Thanks, I think I have figured out a way and wanna run it by y'all. I looked at pfSense and noticed it can be run on a PC or VM. Our servers have dual NICs, one Linux and one Windows. Either I can run a VM on the Windows one and have the NIC be a pass-through, or I can build an extra PC from parts here and have a completely separate pfSense PC. I'm sure he will prefer it to be on a VM to limit the servers we need. Does this sound like I'm on the right path?

VM should be fine.

Though there is always this

https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?s=electronics&ie=UTF8&qid=1490902612&sr=1-1&keywords=zbox&th=1

VM-wise there is more of a setup time involved, and there will be some downtime on that server while setting everything up.

With an external device you can have downtime down to a minute. Unplug old, plug in new, configured beforehand.
post #8 of 9
AC1200 router? Boss indicating 'alerts for hack'?

Sounds like a resume generating scenario.

pfsense would be a nice start at least.
post #9 of 9
Thread Starter 
Quote:
Originally Posted by beers View Post

AC1200 router? Boss indicating 'alerts for hack'?

Sounds like a resume generating scenario.

pfsense would be a nice start at least.

Um what? lol, jobs are not that lucrative around here, specifically in programming, so I gotta take what I can get. lol

I'm working on pfSense to implement. Thanks guys and gals