So, I installed OpenWRT and love how this software really lets me control every aspect of the router. Can I donate to this project in any way? It is definitely worth paying for.
Now for my issue. I had a friend loose $250,000 of bitcoin to a hacker. Apparently bitcoin leaves a public record of every transaction. He thinks that a keylogger was remotely installed and the hacker got the key. This is my reason for my paranoia.
So, I want to build a home network as secure as possible using my old hardwar e. Yes, I understand that no system is secure. Even the NSA gets hacked. Still, I want to make my system like Fort Knox.
My system will be a laptop running coreboot, me cleaner and Seabios. OS will be Qubes. From there, I want to install OpenWRT onto my TP-Link Archer C60 and run a lan cable to that router, which will connect to an Asus RT-N66U also running OpenWRT. I want to connect the TP-Link to my Asus via a small lan cable so it can have the wan disabled but my Asus router should allow my wife and daughter to connect via the wan. 2.4 or 5 GHz but I'm not sure which one is better. Furthermore, I want the Asus router to connect directly to ExpresVPN and the TP-Link to connect directly to NordVPN. Since these VPNs only use specific ports (as per the config file), is it possible to restrict access to a single port like that and reject/close all other ports? Somewhere, I read that Ipv4 needs port 68.
I installed wireshark but don't know how to read the data. I see destinations like 239.192.152.143 using the LSD protocol but when I entered this address into my browser, the website doesn't exist.
I read the forums but just got confused. For example, disabling uPnP. Is that done via a config file or the setup webgui (luci)?
So, I am willing to pay someone for telling me how to follow Jeff's advice on setting the firewall properly, which scripts to run, how to disable IpV6, uPnP and do whatever it takes to make the router as secure as humanely possible. I read that suricata and other IDS programs probably won't run on the Asus router, so maybe that needs to run on my old laptop. Speed isn't that important to me, security is.
So, how much would anyone want to help me? Drop me a PM with the cost. I'm not computer savvy enough anymore to figure this out. My last experience with software was writing batch (.bat) files in DOS. Yup, that was before the internet even....
Thanks,