Welcome all Itus Shield owners!

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
45 messages Options
123
Reply | Threaded
Open this post in threaded view
|

Welcome all Itus Shield owners!

user8446
Administrator
This post was updated on .
Welcome to all Itus Shield owners! Sadly, Itus Networks is now closed but we still have a great piece of hardware and thankfully it uses open source software on it so we should be able to continue on via updates directly from the respective providers:

Operating system: https://openwrt.org/

IPS: https://www.snort.org/

IPS Rules currently used: https://rules.emergingthreats.net/open/snort-edge/rules/

The Shield is based on the low power Cavium Octeon III CN7020 dual-core 1Ghz SOC processor: http://www.cavium.com/OCTEON-III_CN70XX_71XX.html

The box has 1GB of DDR3 RAM and 4 GB of eMMC flash memory. Manufacturer: http://www.rhinolabsinc.com/

More info, specs, and articles:
http://linuxgizmos.com/cavium-adds-openwrt-support-to-octeon-iii/

http://linuxgizmos.com/networking-security-appliance-runs-snort-on-openwrt/

http://www.zdnet.com/article/snort-on-home-routers-what-a-great-idea/

http://www.makeuseof.com/tag/iguardian-smart-way-protect-home-network/


On Jan 21, 2016 Itus pushed out an update to the firmware update script which disconnects Itus Networks from the Shield appliance. The new script pulls IPS rules updates directly from the emerging threats open ruleset as linked above. That was generous them to do that although we did not receive any type of official statement. The current firmware (1.51 sp1) has a throughput between 100-125Mbps and the box only uses 7-15 watts of power. The acceleration engines aren't even being utilized which was due for a future firmware update to double that throughput.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Hans
Administrator
This post was updated on .
Thanks user8846!

Any file limitations on this forum?
Using Shield Pro v1, Chaos Calmer, FW 1.51 SP1, Bridge Mode

2nd Shield as Sandbox, Chaos Calmer, FW 1.51 SP1 + hotfixes
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Wisiwyg
Hi Gents!

Thank you for hosting this site, user8846! Where would you like the associated files Hans and I have been storing? Right now, I have a few out on OneDrive that I could move over. They can stay there if you have a concern about storage space.
Shield Pro v1, Chaos Calmer, FW 1.51 SP1, v8.3.2, Bridge Mode
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

user8446
Administrator
I think files should be able to be directly loaded via more > upload a file. I'm not sure on the limitations yet with Nabble forums... if there is one I can put files directly on my website for storage with no limitations.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

camisy
Olá :)
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

ericsante
In reply to this post by user8446
Hiya, I'm glad we have a forum again to share...  Did anyone capture the knowledge base and PDF's that were posted for things like VPN, IPv6, etc...
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Hans
Administrator
Hi all

Wysiwig and I have a copy of the manuals, a few howto, scripts and the restore image.
I don't have a full copy of packetinspector.org but Breda did that already.

cheers,
Using Shield Pro v1, Chaos Calmer, FW 1.51 SP1, Bridge Mode

2nd Shield as Sandbox, Chaos Calmer, FW 1.51 SP1 + hotfixes
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Ronniem1
Yay!!  Glad to be here!    Welcome everyone
Thanks, Ronnie Shield V1.51 SP1 / Operating Mode UTM Router
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

breda
In reply to this post by user8446
Thanks for setting Forums
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

user8446
Administrator
My pleasure... I'm certainly not a programmer or developer but still want to pitch in any way I can.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

user8446
Administrator
This post was updated on .
In reply to this post by ericsante
Ericsante,

Did you try clearing the IPS logs to see if your throughput increases? There is a known bug where throughput slows as the IPS logs grow. A workaround to clear the logs:

For the command line in the GUI:

cp /dev/null /tmp/snort/alert.fast (for bridge)
cp /dev/null /tmp/snort/alert (for router)
cp /dev/null /tmp/snort/alert2 (for router)

If you want to set it up as a cronjob use:

19 3 * * 0 > /tmp/snort/alert.fast (for bridge)
19 3 * * 0 > /tmp/snort/alert (for router)
10 3 * * 0 > /tmp/snort/alert2 (for router)

I have mine clear weekly at 3:19am as above right before my update script runs. Adjust for your own preference or needs.

(Thanks roadrunnere42 for the correction)
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

stangrunner
In reply to this post by user8446
Thanks user8446 for creating this.  Nice work.
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

jeffs123
Agreed!  Thank you for getting this forum setup so the Shield can live on!

One request, I noticed there doesn't appear to be HTTPS available on the forum (or the main web page for that matter). Any chance that could be configured so that things like our login creds don't get compromised?

The Let's Encrypt project provides free SSL certs: https://letsencrypt.org/

Thanks!
Jeff
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Hans
Administrator
jeffs123 wrote
One request, I noticed there doesn't appear to be HTTPS available on the forum (or the main web page for that matter). Any chance that could be configured so that things like our login creds don't get compromised?
Hi Jeff

the lack of encryption seems to be due to the nature of this forum: see http://support.nabble.com/HTTPS-SSL-urgent-td7594627.html

http://support.nabble.com/ is not very helpful

Hans
Using Shield Pro v1, Chaos Calmer, FW 1.51 SP1, Bridge Mode

2nd Shield as Sandbox, Chaos Calmer, FW 1.51 SP1 + hotfixes
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

jeffs123
Well that's a bummer.

Thanks for looking into it.  Hopefully Nabble will find and apply a solution for the issue (although I won't hold my breath).
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Ronniem1
In reply to this post by user8446
Hey @Admin -

 If Itus did a farewell script and  disconnected shield from their networks.  How will our shields be getting updates?
Thanks, Ronnie Shield V1.51 SP1 / Operating Mode UTM Router
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

stangrunner
In reply to this post by jeffs123
Nice catch jeffs123 on the missing encryption.  

I guess one suggestion to everyone, use a password manager (1Password is good, there are others) and generate a unique strong password for this forum.  

At least if your password is compromised, it is limited to this forum and the knowledge of the email address we used for registering access to it.  
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

Roadrunnere42
In reply to this post by Ronniem1
Ronniem1

The shield is still getting update automatically from sites that deal in
ads rules
Malicious rules and
snort rules

The updates happen every night around 3am give or take a hour.

Andy
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

user8446
Administrator
This post was updated on .
In reply to this post by stangrunner
I completely agree, I do wish the Nabble back-end had encryption in transit. However, they do mention passwords are encrypted at rest:

http://x6.nabble.com/help/Answer.jtp?id=25

That being said, as was mentioned NEVER use the same password between sites! I guess this would be a good time to plug my favorite p/w manager: KeePass. Open source, free, and completely customizable but certainly use what you guys are comfortable with.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Welcome all Itus Shield owners!

MalformedPacket
In reply to this post by user8446
Just joined. Sad to see the company go under but glad to see there is some of us who can keep our devices running and support each other.
123