List of services

27 views
Skip to first unread message

John Fields

unread,
Jul 25, 2015, 12:40:15 AM7/25/15
to homefro...@googlegroups.com
If you had a unicorn...

WAN side wish list
  1. DHCP by default, STATIC IP(s) available
  2. Blacklist inbound by default, whitelist known services
  3. geo-fencing (needed?)
  4. port knocking
  5. adaptive SYN-flood protection
  6. GUA (Gateway User Agent) to Upstream cable modem/router/etc.
    • Will try PnP to open UDP ports
    • Can try to detect make/mfg and lookup default passwords from a private API
    • Then issue scripted UA commands to spoof a user doing config
    • Other uses I am sure (maybe rebooting weekly?)
  7. trace-route (# of hops to MAE)
  8. speed test (scheduled or dynamic based on traffic mon)
  9. Link/connection loss detection (logs at least, and triggers... something?)
LAN side wish list
  1. DHCP
  2. DNS & mDNS (Bonjour)
  3. NTP
  4. DMZ
  5. PnP support
  6. API to manage configuration, real time stats
  7. local CA (certificate authority, would be useful for what?)
  8. intrusion prevention (via: snort-inline)
  9. OpenDNS blacklisting DNS (checkbox with account mgt)
  10. Content filtering option (DansGaurdian?)
  11. AntiVirus scanning (Dans Gaurdian? ClamAV?)
  12. New ethernet device detection (arpwatch)
  13. Network inventory (nmap? ohai?)
  14. Silent remote control installer (UltraVNC.MSI for windows? Bomgar? etc.)
  15. CUPS?  Naaahhh.   Google Cloud Print daemon? Maaaybe.
  16. Adaptive firewall rules?  Outbound Geo fencing?
  17. Bandwidth Shaping, per user

Kernel routing wishlist
  1. Stateful firewall (iptables)
  2. Reverse Path filter (linux rp_filter=enabled)
  3. basic protocol anomaly detection (ipt_unclean)
  4. Syed's special sauce
Wireless interface wishlist
  1. Path to 5GHz (since current box hardware doesn't support)
  2. captive portal to bypass enabled security features
  3. WPA/WPA2 authentication
  4. Authenticate by MAC for legacy devices
  5. Multiple SSID
  6. public throttled access on an unencrypted SSID


VPN feature wishlist
  1. Mesh! 
  2. Unified services: DHCP
    • IP subnet management across all connected networks
    • DNS and mDNS(Bonjour) across connected networks
  3. Strong security default setting (4128bit key)
  4. drag-n-drop configuration from dashboard
  5. layer2 checkbox (AppleTalk, other non-TCP frames)
  6. visual typology of VPN, in near real time




Hanz Da Silva

unread,
Sep 21, 2015, 11:53:23 AM9/21/15
to The HomeFrontRouter Project
Perhaps we should have list who has decided/volunteered/been volunteered to take on learning/setting up a sub-service/outside project. For instance, someone (can't remember his name at he moment) has volunteered to learn about tinc, and Ian - I believe - said he was going to look into gaucd. That way contributors can see who is charged with learning what and what is still lacking attention.


I am personally going to read up on bacula to see if it something I can handle becoming competent enough to be useful to the project. I started preparing a computer I have at home last night to use for testing and learning.

Just a thought.

John Fields

unread,
Sep 21, 2015, 10:32:01 PM9/21/15
to The HomeFrontRouter Project
Pablo is working on learning Tinc
Ian was going to level-up on deploying Docker containers
Hanz investigating Bacula.. 
Reply all
Reply to author
Forward
0 new messages