Русский flag Русский

IT support for business, startups and developers

All Posts

pfSense: a legend proven over decades

2025-11-03

#pfsense #firewall #vpn #ha #infrastructure

pfSense — a tank in the world of firewalls.
Is updated less often, but runs for years without surprises.

🏢 Who pfSense is for

  • Corporation with 100+ users
  • Needs official support
  • Has old but reliable hardware
  • Value stability

📚 pfSense Features

  • Multi-WAN and automatic failover
  • Traffic Shaping — bandwidth management
  • Captive Portal — guest authentication
  • OpenVPN and IPsec — encrypted tunnels

⚙️ Installation

  1. ISO → USB
  2. Install → configure WAN/LAN
  3. In about 10 minutes — a ready firewall

Example HAProxy config:

OPNsense: the firewall of the future that newbies install

2025-11-02

#opnsense #firewall #vpn #ha #office

OPNsense — it’s like pfSense, but prettier, faster, and with an API.
Want an office firewall you wouldn’t be embarrassed to show your boss? Here it is.

💼 Who OPNsense is for

  • Office of 10–50 people
  • VPN for all employees
  • Backup internet connection
  • Modern web interface

🎨 Apple-like interface

  • Dark theme
  • Real-time graphs
  • REST API for automation
  • WireGuard out of the box

⚙️ Installation in 5 minutes

  1. Download the ISO from opnsense.org
  2. Write it to a USB stick (dd or Rufus)
  3. Boot → assign interfaces → done!

Auto-update via API:

082 | Firewall Basics: UFW — Simple and Powerful Protection

2025-08-14

#UFW #firewall #security #Linux #iptables #nftables #network #administration

Introduction: The First Line of Defense for Your Server

Before thinking about complex intrusion detection systems such as Fail2ban or CrowdSec, you need to build the first and most reliable line of defense—a firewall. A firewall controls all network traffic entering and leaving your server and blocks unauthorized connection attempts.

Traditionally, Linux servers have used iptables to manage firewalls, but its syntax can be complicated and confusing. Fortunately, there is a simpler and more intuitive tool — UFW (Uncomplicated Firewall).

Case Study: Configuring Port Knocking on MikroTik for Enhanced Security

2025-07-16

#MikroTik #RouterOS #SSH #Port Knocking #remote access #security #firewall #protection #case study

In a world where cyberattacks are becoming increasingly sophisticated, protecting remote access to servers and network equipment is of paramount importance. Simply opening ports for SSH, RDP, or web interfaces makes them targets for constant scanning and brute-force attacks.

Today, we’ll explore a powerful yet lesser-known technique that significantly improves the security of your MikroTik (and not only): Port Knocking. It’s not just about “closing ports,” but a smart system that makes your services invisible to most scanners and bots.

048 | Mikrotik: What Is It and Why Is It Ideal for Small Business?

2025-07-10

#Mikrotik #RouterOS #router #small business #network #security #VPN #QoS #hotspot #firewall #cost-saving #network setup

Introduction: Mikrotik – More Than Just a Router

When it comes to networking hardware for home or small offices, most people think of consumer-grade routers like those from TP-Link, ASUS, or D-Link. However, there’s a category of devices offering far more flexibility, features, and control—while remaining affordable. We’re talking about Mikrotik, a Latvian company known for its wide range of networking gear, especially routers and switches.

What truly sets Mikrotik apart isn’t just the hardware, but its operating system — RouterOS. This powerful software transforms ordinary devices into versatile tools capable of handling tasks usually reserved for far more expensive enterprise solutions.