From 211a4e3ec6e33e008379ad1543b25a3c5f8d0188 Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Sun, 1 Mar 2020 11:26:23 +0000 Subject: [PATCH] Adds: Self-Hosted Network Security --- 6_Privacy_Respecting_Software.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/6_Privacy_Respecting_Software.md b/6_Privacy_Respecting_Software.md index 1700af2..88f643c 100644 --- a/6_Privacy_Respecting_Software.md +++ b/6_Privacy_Respecting_Software.md @@ -39,6 +39,7 @@ corporations, governments, and hackers from logging, storing or selling your per **Networking** - [Virtual Private Networks](#virtual-private-networks) +- [Self-Hosted Network Security](#self-hosted-network-security) - [Mix Networks](#mix-networks) - [Proxies](#proxies) - [DNS Providers](#dns) @@ -275,6 +276,23 @@ If you don't trust a VPN provider not to keep logs, then you could self-host you [Digital Ocean](https://m.do.co/c/3838338e7f79) provides flexible, secure and easy Linux VMs, (from $0.007/hour or $5/month), this guide explains how to set up VPN on: [CentOS 7](https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-centos-7) or [Ubuntu 18.4+](https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-centos-7). See more about configuring [OpenVPN](https://openvpn.net/vpn-server-resources/digital-ocean-quick-start-guide/) or [IKEv2](https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2). Alternativley, here is a [1-click install script](http://dovpn.carlfriess.com/)for on [Digital Ocean](https://m.do.co/c/3838338e7f79), by Carl Friess. +## Self-Hosted Network Security + +Fun little projects that you can run on a Raspberry Pi, or other low-powered computer. In order to help detect and prevent threats, monitor network and filter content + +| Provider | Description | +| --- | --- | +**[Pi-Hole](https://pi-hole.net)** | Network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole. Pi-Hole can significantly speed up your internet, remove ads and block malware. It comes with a nice web interface and a mobile app with monitoring features, it's open source, easy to install and very widley used +**[IPFire](https://www.ipfire.org)** | A hardened, versatile, state-of-the-art open source firewall based on Linux. Its ease of use, high performance and extensibility make it usable for everyone +**[PiVPN](https://pivpn.io)** | A simple way to set up a home VPN on a any Debian server. Supports OpenVPN and WireGuard with elliptic curve encryption keys up to 512 bit. Supports multiple DNS providers and custom DNS provividers- works nicley along-side PiHole +**[E2guardian](http://e2guardian.org)** | Powerful open source web content filter +**[SquidGuard](http://www.squidguard.org)** | A URL redirector software, which can be used for content control of websites users can access. It is written as a plug-in for Squid and uses blacklists to define sites for which access is redirected +**[PF Sense](https://www.pfsense.org)** | Widley used, open source firewall/router +**[Zeek](https://www.zeek.org)** | Detect if you have a malware-infected computer on your network, and powerful network analysis framework and monitor + +Don't want to build? See also: [Pre-configured security boxes](https://github.com/Lissy93/personal-security-checklist/blob/master/5_Privacy_and-Security_Gadgets.md#network-security) + + ## Mix Networks [Mix networks](https://en.wikipedia.org/wiki/Mix_network) are routing protocols, that create hard-to-trace communications, by encrypting and routing traffic through a series of nodes. They help keep you anonymous online, and unlike VPNs -there are no logs