I currently have a home setup that I consider to be weak. The setup features a Spectrum modem and router (which I feel has been compromised), a work computer, a MacBook Pro 2014 (verified rootkit – don’t use it anymore), a low-cost Lenovo ThinkCentre w/ refurb components (insecure, BSOD on a regular basis), an iPhone (new), an iPad (oldish), a brand new smart TV and an older smart TV with Roku.
I want to start from scratch and ensure my home network is secure so I can simply function in my daily life – day trade, work from home, have a normal level of security and hardening. My question is, what’s the proper order of operations to create a secure network and prevent any worms or reinfection of other devices? I’m planning to create a new iCloud account as well, as I’ve seen some odd things happening with my iCloud data lately (picture overlays, huge picture sizes from duplicates, etc.).
I’m disposing of each of my personal machines. I plan to buy a Mac mini and potentially a cheap laptop for trading only. I bought a flint modem and want to set up a number of VLANs and pfSense if necessary. I’d like to use the Mac mini as a testing environment to see if I can hack my network and secure it accordingly. Is this the right place to ask? I don’t know where to turn…
My goal is to have a secure network where I can:
Day trade (need computer for dealer)
Work from home
Have a testing environment
Triggers when suspicious activity occurs
Record music (hence Mac)
Have a guest network
Stream/do basic stuff/have access to private data
My thinking is..
Procure new router (done), Mac mini and modem (do I need a new modem?). My connections are all provided via Spectrum: mobile and WiFi.
Plan:
Disconnect/unplug all devices
Turn on machine – Mac mini – harden it as much as possible (could use help here). Turn off sharing, etc. Get Little Snitch somehow (need to find a trusted WiFi network).
Plug in router, use secure system (Mac) to update firmware and OpenWrt (how do I make sure the connection is secure when downloading the firmware and OpenWrt? Go to a library? Idk, stuck here). Update router settings to block incoming and outgoing except for key ports (could use help there), turn off UPnP, port forwarding, etc. Set up VLANs for work computer, IoTs, phone, test environment, and guest network.
Use pfSense as a secondary firewall (not really sure how to do this but will research more).
Connect router to modem, connect machine to router on correct VLAN and use Zenmap to see what’s happening.
Wipe devices as necessary, create new iCloud account, save all old iCloud data to external drive, and get a password manager.
Etc… use testing environment to check for suspicious behavior.
I’m obviously not an IT whiz, I’m a mechanical engineer, I just want a secure network and I’m pretty sure my stuff is not secure. Weird stuff happens with my Mac (rootkit confirmed when tftp was running and recovery showed port 10010 was open with pid 0 and I couldn’t kill tftp, along with diskutil having multiple preboots no matter how many times I erased). Seemed like a kernel level rootkit. My iPhone acts strange, even the smart TV will do random things. I’m unable to encrypt my email and I don’t trust downloading a certificate for mime and I def don’t trust Google. I continue to function using mostly only my work computer and iPhone. I need to fix this fast.
Please recommend the path of least resistance and fewest expenses to create a secure network from scratch and make sure it doesn’t have any known vulnerabilities. I will be forever grateful. I’ve been taking courses on network security and they just lead me down rabbit holes. Please, someone just give me direction on how to proceed. Thanks so much in advance.