So here is a network security question. What I've been rolling around in my mind is how I could be 100% certain nothing was coming in or out of my home network that I was not aware of or did not want. The problem is that with HTTPS and other protocols things can be encrypted, so putting in something like a network tap to capture everything and record it would not be as helpful. But then I remembered that large companies deal with this problem all the time. They deploy their own certificates on workers' machines so that they can decrypt the traffic and inspect it if required. That might be called deep packet inspection, and for how I would use it, it would also be filtering.
That might be a good way to deal with the problem: setting up a network where my machines are only using certs that I can easily decrypt, so that I can just filter and record everything and inspect it. The only problem with that is that I am not sure how to set that up. I would need it for both Windows and Linux, and then at the end point, like the router, I think the traffic would need to be changed to use my bank's cert or amazon.com’s cert or whatever. Does anyone know of or have a good guide as to how to do this? Does pfSense provide anything that is helpful for this kind of thing?
And of course the filtering part might be more difficult than I imagine, blocking anything that I do not know exactly what it is. Also, I am not sure how much of this could be done in a freeware kind of thing or what I might need to buy. Currently I have a simple, somewhat high-end TP-Link router from Walmart. It might be nice to be behind a few layers.
Thanks.
Chad