Client: - Install nmap/tshark - Config/forward ssh port - setup router nmap: - scan port: can't be all port, it would take a long time - generate reports, read and display related information - further analysis? which are other open ports? operating system? tshark (need or not)? - need to run for a long period of time to be useful - capture the right packages for useful information (website - port 80, download/upload?) - need to capture only packages from/to IPs connecting to router. web: - display IP connections and related info (what else in terms of analysis?) - display bandwidth usages and visited websites. can be specific to an IP if necessary - Block websites/IP if possible with simple click other services: - notification of strange IPs (compared to registered IP) - notification of bad websites (compared to a website poll)
Client:
nmap:
tshark (need or not)?
web:
other services: