What do you mean by “increase security”? Security isn’t a thing where you get +5 points for every antivirus you have installed - it’s about risks, and how you mitigate them. A perfect antivirus isn’t going to protect you if you have a crappy password on something you forgot about, or if you are running software with a serious security vulnerability.
If your goal is network security, you’d probably be best off deploying something like Security Onion.
After the basics like having a firewall, making sure you have the strongest wireless encryption your devices support (WPA3 probably, WPA2 if 3 isn’t supported), stuff like that.
ClamAV is an anti-virus software that you would run on end-devices to scan files, an intrusion detection scans network traffic to detect anything potentially malicious. I don’t know your exact router model but I suspect it’s way too weak to run intrusion detection. If you have a switch that’s capable of mirroring you could use that to utilize a more powerful machine to scan network traffic.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
But, why?
ClamAV is a scanning engine that uses a database and heuristics to detect an infection.
Are you looking for an Anti Virus Scanner, or Intrusion Prevention System?
I guess I’m not 100% sure. Which would I need/which would increase security?
What do you mean by “increase security”? Security isn’t a thing where you get +5 points for every antivirus you have installed - it’s about risks, and how you mitigate them. A perfect antivirus isn’t going to protect you if you have a crappy password on something you forgot about, or if you are running software with a serious security vulnerability.
If your goal is network security, you’d probably be best off deploying something like Security Onion.
After the basics like having a firewall, making sure you have the strongest wireless encryption your devices support (WPA3 probably, WPA2 if 3 isn’t supported), stuff like that.
Okay this seems neat. Would this be usable for a home network?
ClamAV is an anti-virus software that you would run on end-devices to scan files, an intrusion detection scans network traffic to detect anything potentially malicious. I don’t know your exact router model but I suspect it’s way too weak to run intrusion detection. If you have a switch that’s capable of mirroring you could use that to utilize a more powerful machine to scan network traffic.
Ah gotcha. Makes sense. Would something like WatchYourLAN or Pi.Alert be good?
It’s a good way to see if someone has cracked your WiFi password for example so why not. Doesn’t add much security but better than nothing.
It sounds like you’re looking for intrusion detection or prevention rather than antivirus.
Great list here https://github.com/sbilly/awesome-security#ids--ips--host-ids--host-ips
However it’s likely that these do not run on asuswrt-merlin out of the box and may require additional setup or hardware.
You may even be good enough by using the built in firewall on the router interface and making sure no ports are open/forwarded.
Yea I think intrusion detection is what I want. I’ll have a look at that page, but I may end up just going with pfsense one day.