Now, when mikrotik supports WireGuard there is no need to stay with OpenVPN. Let's try to setup WireGuard and investigate it's options, test performance etc. My current firewall configuration is quite benevolent and allows communication between all containers/VM/hosts. Let's restrict it and allow only certain traffic. Even if my network is segmented with VLANs, it lacks any monitoring. I would like to deploy some IDS and later IPS to be able to identify possible threats. Also it would be nice and useful to get rid of installation pen drives/CDs and use PXE boot instead.
Goal for this Hackweek
1) replace OpenVPN with WireGuard
2) revisit and restrict firewall configuration
3) deploy IDS/IPS (for now suricata seems to be the best option) and consider some netflow collector
4) setup PXE boot server
Looking for hackers with the skills:
Nothing? Add some keywords!
This project is part of:
Hack Week 21
This project is one of its kind!