What do you run; Opnsense, pfsense, Smoothwall, maybe a WAF like wazuh?
Today was update/audit firewall day. I’m running a standalone instance of pFsense on a Protectli Vault FW4B - 4 Port - Intel Quad Core - 8GB RAM - 120GB mSATA SSD with unbound, pfBlockerNG, Suricata, ntopng, and heavily filtered. I did bump the swap to 8 GB as I’ve previously noticed a few ‘out of swap’ errors under load.
Before I signed off, I ran it through a couple porn sites to see if my adblocking strategy was working. Not one intrusive ad. Sweet!
Show me what you got.
When you say open 22, do you mean with just password access with multiple users? I recently made mine only allow entry using ssh certs iirc. And then just blocked incoming for the time being. Guess I’ll need to fix that before another git pull request.
I think when I said open port 22, I was giving an illustration of the hordes of bots that will show up at your doorstep. Best practice is to use ssh keys and rotate them.