Messages

Messages - Admin

2131
Computer Software / Re: Anyone running their own media servers?
Still using old WDTV boxes because they're easy for my family members to use (IR remote controlled).  Breaking out a keyboard/mouse to watch TV isn't an option here.  Wondering what their replacements will be when the time comes...
2135
Computer Software / Re: Anyone running their own media servers?
Google's business suite "used" to allow unlimited storage.
Now, you have to have at least three people signed up for it, at 12 USD a month, so 36 to 60 a month, for GSuite and unlimited storage.
Sadly, they locked down the single account business owner to one tb of storage.
People used to host their whole plex library up on Google's cloud, with this.
Might be worth taking a second look at, if you are paying that much.

https://gsuite.google.com/pricing.html

Maybe people here could band together, for that price level, and use Google's cloud storage and split the pricing up, so it would be insignificant?
2136
Computer Software / Re: Anyone running their own media servers?
That's great and all, but, I have over 20 terabytes of media to store.
Any idea where you can get a cloud that large, without paying through the nose for it?

I pay around 150 Euro per month for a dedicated server with more than 20 terabytes of storage space. I'm guessing you would consider 150 Euro per month paying through the nose? That's about what it will cost to store dozens of terabytes remotely in a datacenter.
2138
Computer Software / Re: Anyone running their own media servers?
I just dump all my media into a passworded web directory, then I input the web directory information including user:pass into Kodi and it automatically scans the media and then turns all my remuxes into a Netflix like library. Very handy.
2139
Computer Software / Re: Anyone running their own media servers?
Quote
What OS do you run?

I have it running on an Ubuntu server. It runs pretty well so I've not yet bothered to look at anything else.
It also has the ability to share libraries, similar to what you describe.

Only downside is that the Apps require a Plex Pass which isn't free, web player is free though. (Android app etc)
Is this free for Kodi? Then, depending on what you're looking for, that's probably a big pro for Kodi.
Afaik Kodi doesn't do transcoding though [citation needed], which is something I do use sometimes.
2140
Computer Software / Re: Anyone running their own media servers?
I've been using Plex ever since I became self-conscious, never actually tried anything else.
I'm curious what else is used out there.

What OS do you run? Depending on your complexity requirements, you may be able to get by using Windows' own DLNA server. Supports access control and automatically indexes files within the media libraries that the OS uses, which makes adding and removing media from a variety of different locations on the server simple. Biggest downsides would be that it requires Windows, and it doesn't have a client on most devices that adds additional features like Plex would.

If you don't have Windows and don't want to use Plex, most of my friends live by Kodi. Biggest advantage I've seen from that is it allows easy file sharing between multiple devices, so as long as you have friends with large amounts of media, you therefore have large amounts of media. Also, their client adds a bunch of additional features (like the file sharing) and can be installed on most devices. Plus, I think it even includes a weberface for easy administration. I haven't used it, so I can't personally vouch, but it looks like a good product.
2142
Computer Software / Re: Building a home IDS server
I've built many pfsense machines. Basically it's freebsd + software to turn your old PC into a router/firewall.

https://www.pfsense.org
https://opnsense.org
https://securityrouter.org/wiki/Main_Page
https://mikrotik.com/software
https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx
https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx
https://www.endian.com/community/overview/
https://www.untangle.com/untangle-ng-firewall/
https://zentyal.com/community/
https://www.ipfire.org
https://www.openmptcprouter.com

Are you wanting to do something like this? or an actual intrusion detection system? Never set up one of those. Anything doing deep packet inspection on the fly is gonna need to be fast. I would suggest not doing anything like traffic shaping, VPNs, and DPI until you get a beefy setup...otherwise things might get slow from time to time. Until then just play around with building your own router. I was planning to try https://securityrouter.org/wiki/Main_Page myself next :-)

If you have a properly secure firewall, you shouldn't have to worry about intrusions. Snag a raspberry pi for 50$ and throw one of these on your network, https://pi-hole.net - I love mine. It can also help reduce malware and whatnot due to the domains not resolving since they are blocked at network level via pihole.

Luckily, the ERLite-3 I have comes fully loaded as far as firewall services go (have had an HA pair of pfsense boxes with working CARP failover at work that has caused nothing but trouble; wish I liked it better). I'm definitely wanting an IDS, since I've started running into situations with some of the classes I'm taking where it would make more sense to stand up a service inside of my LAN rather than rely on a debugger or an IDE's local server. I currently have OpenVPN set up on the router to allow a couple of my devices to access the LAN when I'm away from home. Also, in the future, it may make more sense for me to stand up a bastion rather than rely on my router's firmware updates. Ubiquiti has been legendary for me so far, so I hope I won't have to go that route.

As such, I have part of my home network exposed to the Internet, so it makes sense for me to have better visibility within this. Bro is the network monitor that works best out of the box, has neatly standardized syslog output that can be text or json, and plays well with SIEM and pseudo-SIEM stuff. Since all other networking infrastructure functions are covered by the ERLite-3, the only thing the box will be doing is DPI (and the VM, on occasion). That was my thought process with that. Intrusions are never a question of "if", it's "when" :P

You're the third person who has told me to get pi-hole this week. Guess I'll definitely need to do that! I heard that it can cause a lot of network gremlins until you track down whatever CDNs need to get whitelisted. Specifically, I've got a Roku that one of my coworkers said stopped working when he set up pi-hole, and he had to do some work to figure out what domains to allow through. I don't mind the legwork, just wondering how many devices it affected for you.

Okay, so lemme give some more info about the hardware I'll be using. I have an Arris modem that gets my WAN address from my ISP. From there, it goes directly to the Ubiquiti ERLite-3 router. I have 3 VLANs: 1 is for WAN, 1 is for LAN, 1 is for emergency management access (it's the last port and it has a secondary DHCP pool for it just in case I fuck up the LAN one). The router's weberface is only accessible on the LAN and emergency VLANs. The router has an OpenVPN portal set up for it that currently only accepts one keypair. The router has firewall services that limit most of the basic troublemakers, including disabling ICMP, disabling incoming unestablished TCP sessions, and disabling "weird" packets. The only ports I have open to WAN are for OpenVPN. Probably obvious, but the router NATs all traffic on the LAN VLAN to the WAN VLAN, so devices on the LAN are relatively masqued. On the LAN interface, I have a Netgear R7000 in WAP mode acting as both switch and WAP.

Here's the old specs for the server:
CPU: AMD A10-7860k
Motherboard: MSI - A68HI AC Mini ITX FM2+ Motherboard
Memory: Crucial - 8 GB (1 x 8 GB) DDR3-1600 Memory
Storage: Crucial - BX200 240 GB 2.5" Solid State Drive
Case: Cooler Master - Elite 130 Mini ITX Tower Case
Power Supply: Silverstone - 300 W 80+ Bronze Certified SFX Power Supply

I plan on doubling the RAM and getting a 4 TB spinning disk for storage. I have a PCIe gigabit Ethernet NIC and a Netgear 5 Port Managed switch that will allow me to TAP traffic from my LAN. Basically, the network path won't change much, I'll be putting the new switch between the WAP and the router, moving the stuff from the WAP to the switch, and then mirroring the connection between the router and the switch to that new NIC, which will be on the IDS server. I can do a draw.io if that wasn't clear, no worries.
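
The kind of visibility check this setup is aiming for, as an added example that is not part of the original post: a Python pass over Bro conn.log records in JSON form that flags connections an outside host opened toward an internal address, which the firewall policy described above should never let through. The subnets and log lines are constructed assumptions; the field names are Bro's standard conn.log fields.

```python
import ipaddress
import json

# Assumed subnets (not given in the post): LAN VLAN and OpenVPN client pool.
INTERNAL_NETS = [ipaddress.ip_network("192.168.1.0/24"),
                 ipaddress.ip_network("10.8.0.0/24")]
# conn_state values in which the connection was actually established.
ESTABLISHED = {"S1", "SF", "S2", "S3", "RSTO", "RSTR"}

# Constructed sample records (last one is deliberately truncated).
SAMPLE = [
    '{"uid":"C1","id.orig_h":"192.168.1.20","id.orig_p":50000,"id.resp_h":"198.51.100.7","id.resp_p":443,"proto":"tcp","conn_state":"SF"}',
    '{"uid":"C2","id.orig_h":"203.0.113.50","id.orig_p":41000,"id.resp_h":"192.168.1.10","id.resp_p":22,"proto":"tcp","conn_state":"S0"}',
    '{"uid":"C3","id.orig_h":"203.0.113.77","id.orig_p":41001,"id.resp_h":"192.168.1.10","id.resp_p":8080,"proto":"tcp","conn_state":"SF"}',
    '{"uid":"C4","id.orig_h":"10.8.0.2","id.orig_p":41002,"id.resp_h":"192.168.1.10","id.resp_p":22,"proto":"tcp","conn_state":"SF"}',
    '{"uid":"C5","id.orig_h":"203.0.113.9"',
]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def inbound_findings(lines):
    """Return one finding per connection opened from outside to an internal host."""
    findings = []
    for line in lines:
        try:
            rec = json.loads(line)
            orig, resp = rec["id.orig_h"], rec["id.resp_h"]
            if is_internal(orig) or not is_internal(resp):
                continue  # outbound, VPN-originated, or not aimed at the LAN
        except (ValueError, KeyError, TypeError):
            continue  # blank, truncated, or non-conn line: skip, do not crash
        state = rec.get("conn_state", "")
        findings.append({
            "uid": rec.get("uid"),
            "src": orig,
            "dst": f"{resp}:{rec.get('id.resp_p')}/{rec.get('proto')}",
            # An established inbound session matters far more than a probe.
            "severity": "established" if state in ESTABLISHED else "attempt",
        })
    return findings

if __name__ == "__main__":
    for finding in inbound_findings(SAMPLE):
        print(finding)
```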
2144
Computer Software / Re: Building a home IDS server
I've built many pfsense machines. Basically it's freebsd + software to turn your old PC into a router/firewall.

https://www.pfsense.org
https://opnsense.org
https://securityrouter.org/wiki/Main_Page
https://mikrotik.com/software
https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx
https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx
https://www.endian.com/community/overview/
https://www.untangle.com/untangle-ng-firewall/
https://zentyal.com/community/
https://www.ipfire.org
https://www.openmptcprouter.com

Are you wanting to do something like this? or an actual intrusion detection system? Never set up one of those. Anything doing deep packet inspection on the fly is gonna need to be fast. I would suggest not doing anything like traffic shaping, VPNs, and DPI until you get a beefy setup...otherwise things might get slow from time to time. Until then just play around with building your own router. I was planning to try https://securityrouter.org/wiki/Main_Page myself next :-)

If you have a properly secure firewall, you shouldn't have to worry about intrusions. Snag a raspberry pi for 50$ and throw one of these on your network, https://pi-hole.net - I love mine. It can also help reduce malware and whatnot due to the domains not resolving since they are blocked at network level via pihole.
2145
Computer Software / Building a home IDS server
So, a project that I've been kicking around for a while is revamping my home network setup, in order to better utilize the experience I've picked up through work. I've slowly been collecting gear, and I'm planning on repurposing a 2 year old HTPC to supply most of the hardware for an IDS server. I was wondering if there was someone else who had been in this position before.

I plan on beefing up the proto-server with an extra stick of RAM and a large spinning disk for log storage. I don't have the money for a whole system build (would want to do it proper, buy better quality stuff), and barring a surplus PowerEdge falling off a truck by me, I'm gonna have to multi-purpose the box. Ideally, it wouldn't be multitasking for a majority of the time, but on occasion it will also need to run a lightweight VM for some other projects. For a network monitoring solution, I was planning on testing Bro in my environment. I am already a little familiar with its architecture, just not necessarily in its administration for this scenario. My max bandwidth (up or down) with my ISP is currently 300Mbs, and I plan on upgrading to gigabit in the future.

So, for people who have been through something like this, am I gonna run into bottlenecks on CPU during multitasking? This will all be running on a desktop CPU, and not necessarily a great one. I know DPI is very resource hungry, but the best I can do at this moment is to offset the RAM cost of the VM. I would consider the VM's performance as high priority when it is in use, so I can't really afford slowdowns there. When I blast my network with a gigabit of shitposting, am I at risk for knocking things over?

And for people who haven't, would anyone be interested in documentation of this process, for posterity or science or some shit?