I was trying to compile the images of these: Security Focused LEDE Build. 161 Routers supported so far ( TP-Link, Arduino, Archer, Linksys, Netgear, Ubiquity and more )
For devices with the ipq806x architecture and I crashed three times, this ha never happened when I compiled all the other ones.
Even tried 'make -j1' and same issue on both vm and just regular ubuntu on a USB stick.
Do I have to pay attention to something else that I'm not aware of?
What's your opinion on RandomDNS?
I'm planning to keep updating the security builds. Besides what is already included, what do you guys reccommend/use when it comes to router security?
I have some ideas that I can't execute right now because I'm a slow learner: I was considering adding a clan so one of the ports is used exclusively to log into the router (said port should isolated and not able to access the internet at all. I plan to make it optional), implement Ipsets in order to block/prevent random port scans from certain countries, start using the dnscrypt blacklist and even take a look at the https everywhere python script th0mas mentioned a few months ago.
Don't expect the last two very soon tho, I might have to ask for help and read.
What's the minimum amount of packages required to make unbound and dnssec work? I would like to give 841n a second shot with this since it's one of the most popular and accessible models out there.
Would it be possible to compile images for all devices of every architecture at the same time? (This a not proper wording, my English is bad but I hope you get the idea).
One last thing about dnscrypt: would you be interested in having a LEDE dnscrypt resolver with dnssec available aswel? I feel like there's not a lot of options when it comes to dnssec+crypt resolvers unless you live in Europe. USA only has like two I think.
Thanks in advance, and sorry for the bible.
EDIT: Would it be possible to supend all logins (luci and ssh) for 10 minutes after 3 or 5'failed attempts? Thanks.