Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
|
This post was updated on Feb 26, 2016; 2:07am.
Welcome to all Itus Shield owners! Sadly, Itus Networks is now closed but we still have a great piece of hardware and thankfully it uses open source software on it so we should be able to continue on via updates directly from the respective providers:
Operating system: https://openwrt.org/ IPS: https://www.snort.org/ IPS Rules currently used: https://rules.emergingthreats.net/open/snort-edge/rules/ The Shield is based on the low power Cavium Octeon III CN7020 dual-core 1Ghz SOC processor: http://www.cavium.com/OCTEON-III_CN70XX_71XX.html The box has 1GB of DDR3 RAM and 4 GB of eMMC flash memory. Manufacturer: http://www.rhinolabsinc.com/ More info, specs, and articles: http://linuxgizmos.com/cavium-adds-openwrt-support-to-octeon-iii/ http://linuxgizmos.com/networking-security-appliance-runs-snort-on-openwrt/ http://www.zdnet.com/article/snort-on-home-routers-what-a-great-idea/ http://www.makeuseof.com/tag/iguardian-smart-way-protect-home-network/ On Jan 21, 2016 Itus pushed out an update to the firmware update script which disconnects Itus Networks from the Shield appliance. The new script pulls IPS rules updates directly from the emerging threats open ruleset as linked above. That was generous them to do that although we did not receive any type of official statement. The current firmware (1.51 sp1) has a throughput between 100-125Mbps and the box only uses 7-15 watts of power. The acceleration engines aren't even being utilized which was due for a future firmware update to double that throughput.
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
This post was updated on Feb 09, 2016; 8:52pm.
Thanks user8846!
Any file limitations on this forum?
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Hi Gents!
Thank you for hosting this site, user8846! Where would you like the associated files Hans and I have been storing? Right now, I have a few out on OneDrive that I could move over. They can stay there if you have a concern about storage space.
Shield Pro v1, Chaos Calmer, FW 1.51 SP1, v8.3.2, Bridge Mode
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
|
I think files should be able to be directly loaded via more > upload a file. I'm not sure on the limitations yet with Nabble forums... if there is one I can put files directly on my website for storage with no limitations.
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Olá :)
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by user8446
Hiya, I'm glad we have a forum again to share... Did anyone capture the knowledge base and PDF's that were posted for things like VPN, IPv6, etc...
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Hi all
Wysiwig and I have a copy of the manuals, a few howto, scripts and the restore image. I don't have a full copy of packetinspector.org but Breda did that already. cheers,
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
CONTENTS DELETED
The author has deleted this message.
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by user8446
Thanks for setting Forums
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
|
My pleasure... I'm certainly not a programmer or developer but still want to pitch in any way I can.
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
|
This post was updated on Feb 23, 2016; 8:35pm.
In reply to this post by ericsante
Ericsante,
Did you try clearing the IPS logs to see if your throughput increases? There is a known bug where throughput slows as the IPS logs grow. A workaround to clear the logs: For the command line in the GUI: cp /dev/null /tmp/snort/alert.fast (for bridge) cp /dev/null /tmp/snort/alert (for router) cp /dev/null /tmp/snort/alert2 (for router) If you want to set it up as a cronjob use: 19 3 * * 0 > /tmp/snort/alert.fast (for bridge) 19 3 * * 0 > /tmp/snort/alert (for router) 10 3 * * 0 > /tmp/snort/alert2 (for router) I have mine clear weekly at 3:19am as above right before my update script runs. Adjust for your own preference or needs. (Thanks roadrunnere42 for the correction)
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by user8446
Thanks user8446 for creating this. Nice work.
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Agreed! Thank you for getting this forum setup so the Shield can live on!
One request, I noticed there doesn't appear to be HTTPS available on the forum (or the main web page for that matter). Any chance that could be configured so that things like our login creds don't get compromised? The Let's Encrypt project provides free SSL certs: https://letsencrypt.org/ Thanks! Jeff |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Hi Jeff the lack of encryption seems to be due to the nature of this forum: see http://support.nabble.com/HTTPS-SSL-urgent-td7594627.html http://support.nabble.com/ is not very helpful Hans
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Well that's a bummer.
Thanks for looking into it. Hopefully Nabble will find and apply a solution for the issue (although I won't hold my breath). |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by user8446
CONTENTS DELETED
The author has deleted this message.
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by jeffs123
Nice catch jeffs123 on the missing encryption.
I guess one suggestion to everyone, use a password manager (1Password is good, there are others) and generate a unique strong password for this forum. At least if your password is compromised, it is limited to this forum and the knowledge of the email address we used for registering access to it. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by Ronniem1
Ronniem1
The shield is still getting update automatically from sites that deal in ads rules Malicious rules and snort rules The updates happen every night around 3am give or take a hour. Andy |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
|
This post was updated on Feb 19, 2016; 2:28am.
In reply to this post by stangrunner
I completely agree, I do wish the Nabble back-end had encryption in transit. However, they do mention passwords are encrypted at rest:
http://x6.nabble.com/help/Answer.jtp?id=25 That being said, as was mentioned NEVER use the same password between sites! I guess this would be a good time to plug my favorite p/w manager: KeePass. Open source, free, and completely customizable but certainly use what you guys are comfortable with.
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
In reply to this post by user8446
Just joined. Sad to see the company go under but glad to see there is some of us who can keep our devices running and support each other.
|
Free forum by Nabble | Edit this page |