In less than 4 years mankind has taken the internet, which was built to resist destruction by nuclear weapons and made it vulnerable to IoT devices, such as TV’s, web cameras, printers, toasters and even toothbrushes.
As of last Friday (2016/10/21) the world observed a new type of massive terabit-per-second DDoS attack using some of the IoT devices listed above and caused the largest internet blackout in US history. Almost every corner of the web was affected in some way — streaming services like Spotify, social sites like Twitter and Reddit, and news sites like Wired and Vox appeared offline to large chunks of the eastern seaboard.
Ever wonder if your new TV sends encrypted traffic every other hour? Or ever wonder if your new video door bell can be seen by others? Or ever wonder if your new webcamera can be used in a massive DDoS attack like the one on Friday? Well here are 6 Security Apps for ClearOS to help you start answering some of these questions and then protect your home and/or business from this new type of threat:
# 1 – Intrusion Detection
The Intrusion Detection app is the cornerstone of security for any size network. The app uses the highly regarded Snort engine to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. The app can help identify, log and stop (using the IPS plugin) external attack vectors targeting the network (fingerprinting, buffer overflows, brute force authentication etc.). The app contains over 1000 known attack vector signatures with another 8000+ signatures available (with continuous updates) via the IDS update subscription from ClearCenter (app available in the Marketplace).
#2 – Intrusion Prevention
The Intrusion Prevention app is a plugin to the Intrusion Detection system. The service dynamically creates firewall rules (IP tables) to block IP packets if a packet stream matches a known attack signature. Signatures are provided by the intrusion detection app, containing over 1000 known attack vectors. An additional 8,000-10,000 signatures are available (and continually updated) via the IDS update subscription from ClearCenter (app available in the Marketplace).
#3 – Protocol Filter
The Protocol Filter is an application layer packet classifier. It can be used to block unwanted traffic from your network – the most common being to ensure employees, students or end users are using their Internet access for its intended use. The service attempts to identify an application as data packets pass through the gateway and classify them according to known protocols. If successfully identified, user sessions can be blocked based on an administrator’s preference and/or policy. With more and more applications like file-sharing and Internet Messaging abusing standard ports designated for legitimate services, the protocol filter app can be a valuable tool in an administrator’s desire to control what types of traffic are allowed on the network.
#4 – Application Filter
The Application Filter can detect and block apps like Facebook, Netflix, Snapchat, and many others. It performs deep packet (DPI) and SSL certificate analysis to categorize and block dozens of services that be significant productivity drains in the workplace and/or time-wasters at home.
#5 – DNSThingy
This new DNS based service for ClearOS from DNSThingy gives you granular control over each user’s Internet experience. The following features can be applied network wide, or on a device by device basis:
- Block ads (even on mobile devices connected to WiFi)
- Block inappropriate content
- Create and easily manage whitelists (block all, allow some)
- Force Google Safe Search (across the entire network, on every browser)
- Access Geo-blocked content from other countries (Netflix, Hulu, etc)
- Block behavioral profiling
And for #6 stay tuned for a new type of App and Service which will intelligently combine many of these 5 functions and features coming in Q1 2016. Email email@example.com if you would like to join the beta before its public release.
#6 – Dynamic DNS
Dynamic DNS is an app that works with ClearCenter’s Service Delivery Network (SDN) to continually update a system’s IP address to a static hostname (for example, myname.poweredbyclear.com). Many ISPs use dynamic IP addresses as a way of managing their network infrastructure and customer accounts, but this practice prevents the practical implementation of running services locally like mail (SMTP) or web (HTTP). In short, Dynamic DNS provides an easily remembered and constantly updated hostname to access your system remotely. The service is free using a domain provided by ClearCenter. The use of your own domain is possible if your domain is subscribed to and using ClearCenter’s domain and DNS services.
ALERT! – Continue to watch for a new type of App and Service which will intelligently combine many of these functions and features coming in Q1 2017. Email firstname.lastname@example.org if you would like to join the beta before its public release.