Do You Monitor Your Home Network?

the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
So do you monitor your home network? If so to what extent? Full tilt? Netflow, IDS, etc?
Failed to load the poll.
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff

Comments

  • DoyenDoyen Member Posts: 397 ■■■□□□□□□□
    Putting labbing aside (has access to online if needed), I really do not monitor my home network with IDS, IPS, netflow, and such. The only real monitoring I do is through my firewall and through my router seeing what devices are wireless connected to my devices or ports to close/open.
    Goals for 2016: [] VCP 5.5: ICM (recertifying) , [ ] VMware VCA-NV, [ ] 640-911 DCICN, [ ] 640-916 DCICT, [ ] CCNA: Data Center, [ ] CISSP (Associate), [ ] 300-101 ROUTE, [ ] 300-115 SWITCH, [ ] 300-135 TSHOOT, [ ] CCNP: Route & Switch, [ ] CEHv8, [ ] LX0-103, [ ] LX0-104
    Future Goals: WGU MSISA or Capital Technology Univerisity MSCIS Degree Program
    Click here to connect with me on LinkedIn! Just mention your are from Techexams.net.
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    I would, if I wasn't already doing network security monitoring for a living. I have to draw the line somewhere, otherwise I'd go insane.
  • wastedtimewastedtime Member Posts: 586 ■■■■□□□□□□
    I use too.... I have been wanting to set it up again. I had a FreeBSD box that had rotating pcap, BroIDS, few other small tools running. The box had bridged ports and would capture off of that. I had a bash script I that I could use to query the rotating pcap when I found something interesting in the IDS logs. The script would use tcpdump or tshark to parse through the required logs for the time frame specified and **** the pcap. I could then ssh the pcap back to my system. Only thing I remember finding was:
    - Someone infected with SQL Slammer that tried to hit me with it
    - Some odd CDN stuff that wasn't anything malicious
    - My network printer sending runt packets due to not padding
    - My access point sending packets to 127.0.0.1

    Other then that the only thing I ran was some fairly extensive access/access-list logging on my router.
  • QordQord Senior Member Member Posts: 632 ■■■■□□□□□□
    I do, but not extensively. I allow incoming rdp to a couple machines at home from a handful of remote networks, and I'm adequately paranoid about it. I also have some work at home for testing (aruba gear) and can have multiple wireless networks going at any time, so I definitely pay attention to who has or has tried to connect to any wireless network I've got here.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    quite enough of that at work !!
    :)
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • DeathmageDeathmage Banned Posts: 2,496
    I took the Sonicwall Certification and I use dual TZ 210 Sonicwall Firewalls at home. :)

    When the Zero Day a few days ago hit, my girlfriend was surfing on IE and she got attacked but I had IPS enabled on the Sonicwall and they block it. :)

    as some of you know I also employ a few used 2nd generation R610's and countless switches and AP's so I like to keep current with stuff, lets just say the 48U Dell rack with 48 port punchdown in the basement is a bit overkill for a house... :P - but I do have a RJ45 in every room.
  • QHaloQHalo Member Posts: 1,488
    My Palo Alto is the only thing monitoring anything.
  • DoyenDoyen Member Posts: 397 ■■■□□□□□□□
    That is quite impressive DeathMage!
    Goals for 2016: [] VCP 5.5: ICM (recertifying) , [ ] VMware VCA-NV, [ ] 640-911 DCICN, [ ] 640-916 DCICT, [ ] CCNA: Data Center, [ ] CISSP (Associate), [ ] 300-101 ROUTE, [ ] 300-115 SWITCH, [ ] 300-135 TSHOOT, [ ] CCNP: Route & Switch, [ ] CEHv8, [ ] LX0-103, [ ] LX0-104
    Future Goals: WGU MSISA or Capital Technology Univerisity MSCIS Degree Program
    Click here to connect with me on LinkedIn! Just mention your are from Techexams.net.
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,916 Mod
    I monitor uptime and do alerting using the free tier from Monitor.us. I deployed security onion to a VM on my DMZ just to see what kinds of crap are out there.
  • OfWolfAndManOfWolfAndMan Member Posts: 923 ■■■■□□□□□□
    I check my router for unusual connected devices occasionally. Other than that, I know where I shouldn't tread. I'll probably know when someone's out to get me.:D
    :study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation []
  • gbdavidxgbdavidx Member Posts: 840
    Deathmage wrote: »
    I took the Sonicwall Certification and I use dual TZ 210 Sonicwall Firewalls at home. :)

    When the Zero Day a few days ago hit, my girlfriend was surfing on IE and she got attacked but I had IPS enabled on the Sonicwall and they block it. :)

    as some of you know I also employ a few used 2nd generation R610's and countless switches and AP's so I like to keep current with stuff, lets just say the 48U Dell rack with 48 port punchdown in the basement is a bit overkill for a house... :P - but I do have a RJ45 in every room.

    Do you need two? Could you just get away with one?
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    gbdavidx wrote: »
    Do you need two? Could you just get away with one?
    Doesn't everyone have 2 of everything? icon_wink.gif How else would you handle the high-availability scenarios if the monitoring detected a failure of a component? icon_lol.gif
Sign In or Register to comment.