Hello All,
I might be paranoid, but I've been trying to find if there are any vulnerabilities that require closing, or extra security options to enable, on my Edge Lite Router 3. I've followed the simple guide for SOHO networks (as much as it applies to my network) for security setup, but can't help but feel like I've missed something.
Here is my configuration:
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name wan-in {
default-action drop
description "Firewall Configuration"
enable-default-log
rule 1 {
action accept
description "Default allowed"
destination {
group {
}
}
log disable
protocol tcp_udp
source {
group {
}
}
state {
established enable
related enable
}
}
rule 2 {
action reject
description "Default dropped"
destination {
group {
address-group ADDRv4_eth1
}
}
log disable
protocol all
source {
group {
address-group ADDRv4_eth0
}
}
state {
invalid enable
}
}
rule 4 {
action accept
description IMT
destination {
group {
address-group ADDRv4_eth1
}
port 2330
}
protocol tcp_udp
source {
group {
address-group ADDRv4_eth0
}
port 2330
}
state {
invalid disable
}
}
rule 5 {
action accept
description OpenVPN
destination {
group {
address-group ADDRv4_eth1
}
port 1194
}
log enable
protocol udp
state {
established enable
invalid disable
related enable
}
}
}
name wan-local {
default-action drop
description "Firewall policy for Local Out"
enable-default-log
rule 1 {
action accept
description "Allow valid traffic"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
The router isn't running the newest firmware upgrade at the moment, but it will as soon as I can get past "Unable to load the router configuration" error.
Thanks in advance.