Hi all!
First post here in the TWiT community. Been a listener of TWiT on and off for quite some time.
TLDR - what tools are recommended for doing home network monitoring, IDS, firewall, use reporting by device, and controlling access to devices?
A bit more:
Is there an episode of Security Now or another TWiT show that shares some recommended tools (open source or COTS) for home network and security monitoring/reporting? If not, what would you recommend using at home?
My kids are doing online schooling and we have a number of different things we’d like to be able to do:
- Monitoring/Reporting - see what they’re looking at during the day - real time and historical, what sites, domains, etc. by device
- Proactive control - we want to be able to control access to certain application traffic by time of day. For example, we have one son that is jumping on Google Hangouts video calls with his friends during class and missing class! Sometimes we can’t catch that - we’d like to be able to disable that specifically from 8am to 2pm or at least know when it happened.
- Proactive control - we want to be able to restrict access to certain websites all the time by device or groups of devices
- Detection - I’d like something inspecting incoming and outgoing traffic looking for rogue devices, probes, DDoS attacks, etc. etc… IDS type stuff. I think I used to use Snort for this long ago on a Linux box that was inspecting packets, but that was when there was MUCH less volume of packets coming in - like <10 Mbps.
- Monitoring/Reporting - I want to be able to see typical network activity by device, by TCP port or application, real time and historical
Stuff like that. I probably could put in a proxy server and monitor/report off of that. And could just have all traffic go through a Linux box with a couple of NICs in it. But my time is tight, and I wouldn’t mind spending a few bucks to get some sort of device or solution that does this as well…
Any thoughts?
Thanks!
Chris