Monitoring your connected devices ?

[FTLN]

Hi Guys,

Long time no post

With our homes becoming more and more connected, I just thought I would point out how important it is to monitor all devices and find out exactly how everybody here monitors there connected devices ?

One way to do this is using a syslog server ( I'm using Syslog Watcher from https://syslogwatcher.com/ ) .


I have a few Ubiquiti wireless access points around my home, a Ubiquiti Edgerouter for my internet connection and routing all my vlans (will be looking to upgrade to 10gb switch when the prices come down), a couple of windows PC's and a wireless doorbell with intergrated camera.
If anybody tries to access one of devices via brute force or even just gets one password wrong then I'm instantly alerted about this, also I've had a few memory leaks running old firmware and rather than the router just freeze due to lack of memory I can configure it to alert when memory gets over a certain threshold. When somebody is trying to brute force my RDP password on my public IP address I'll get notified and I can just block the offending IP on my ERL3 firewall.


Anyway that's enough of me, how are you lot monitoring all your connected devices ?


Cheers, FTLN

 

[NeverBackDown]

I want to get a VPN based router/modem unit but not sure where to start and honestly super expensive. I would love for a VPN hardware based solution rather than a subscription.

As for monitoring on a VPN i don't know how to do it.

As of now I don't really monitor anything. Everything has anti virus and nothing has much personal stuff on it. Everything gets backed up immediately.

 

[hmmblah]

I love the Ubiquiti gear. I've been using their stuff for PTP between buildings and just recently set up an edgerouter with cloud key and AP for a customer with a Captive Portal for guests. Really powerful stuff for how cheap it is.

As far as monitoring goes, I don't monitor my home equipment, I do enough of that at work. I don't have anything externally accessible, I need to VPN in for access. Leaving RDP out there for people to hit is just asking for trouble. I'm using Graylog for syslog on my work network and I use Cacti for host up/down and snmp stats.

 

[FTLN]

Yeah the UBNT ERL3 is pretty mental considering all its features vs price, I do pretty much everything in the cli now, the learning curve was a bit steep but the downtime was worth it, I also had no choice as IPV6 is not supported in the webgui. Also best thing about learning cli configuration on UBNT is that it is almost identical to vyos, so if I need to set up a lab for for work in esxi I can push a vyos vm in the lab to do all the routing.

 

[Kei]

I’m glad you posted this as it got me to look at the config on my Cisco 1921. Turns out I’d totally forgotten to restrict access to both the telnet interface & the web interface. Rather glad it’s got a very long & complicated password and my IP address is dynamic.

All fixed now so access to the router can only be made via the internal network interface only.

 

[FTLN]

I’m glad you posted this as it got me to look at the config on my Cisco 1921. Turns out I’d totally forgotten to restrict access to both the telnet interface & the web interface. Rather glad it’s got a very long & complicated password and my IP address is dynamic.

All fixed now so access to the router can only be made via the internal network interface only.

Ouch, that could have been nasty....

Whats the throughput like on that 1921 ? I had a 2921 for a few weeks in the house but couldn't stand the noise...

 

[Kei]

It could have been. No idea on the throughput but it happily covers my 80mbit FTTC connection. Best of all is that it is relatively quiet.

 

[FTLN]

Well if you ever need to upgrade the ios and have a hardtime getting the ios image then just let me know. I work for a Cisco Gold Partner and have full access to the images on the download sections.