Hello everyone,
Can someone suggest me a good package that I can install on my pfsense which can automatically block ads and restricts malware on firewall level.
I have my own small business with around 40 devices. 30 on LAN and 10-20 on Wi-Fi (Guest!!).
Thanks in advance.
You can use pfblocker and Snort, but blocking at the firewall level is not that effective for security here in 2024.
Will go through this all. Also I had seen that you suggest Sentinel one for end point security. I also manage my devices through ninjaone. Should I go with Bitdefender or Sentinel one for Endpoint protection and Firewall stuff.
P.S: I am the only IT guy at my small business who manages everything. I want that most things to work out on automate mode. It’s not possible for me to be available all the time.
Thanks.
Senitinel One is much better than Bidefender.
I can’t say much about Senitinel One but the company I work uses bitdefender and it works really well.
Hey tom can you please suggest which sentinel one products do I need to have to make my endpoints/ end-user device safe. I am getting confused what to get and what not to get. I was planning to get licenses add from ninjaone so can you please suggest which products should I opt in for.
Thanks.
We get their top tier with their SOC.
I can vouch for pfBlockerNG, it save my behind last week. I downloaded a piece of software thinking it was from a reputable source. The exe file looked realistic and when I clicked to install, I got some nice command prompts popping up.
Within a matter of seconds, I knew I downloaded something malicious. A command prompt popped up, never disappeared like the rest, and just hung.
Right away before it can finish the job, I turned off my laptop, formatted the drive and reinstalled Windows.
I checked out my pfSense page and noticed that pfBlockerNG blocked 220+ IPs within the time frame… I rarely see IPs being blocked.
After reinstalling Windows 11 on my laptop, the IP addresses never popped up. Downloaded the right file from source and all is good!
No sure pfBlockerNG saved you, it allowed you to download a malicious file , which you installed.
I would say it partly did as the connection to whatever it was trying to connect was blocked.
I understand pfSense isn’t an antivirus/antimalware, but it did play some part into the malicious program not completing its job. (Hence the IP blocks)
pfBlocker (not using the DNSBL) and Snort has been working great. pfBlocker has been working overtime in the last few weeks with all the attacks on VPN and other services in routers that aren’t patched so I guess every script Kiddie was looking to exploit that. Snort does catch a few stragglers inbounds to my network to my server VLAN.
I do watch the logs in Snort and on my guest network where I VPN into the office I see a lot of interesting traffic going out. My favorite is the “weak” encryption notification. and I thought our pro network security team would know better.