
Quoting Robert Brown (rebrown@exemail.com.au):
> So maybe I will re-frame my original question.
> Not being a developer or other IT professional, what software package could be put together on say, a Raspberry Pi or other device, that could be a watchdog against invasion/intrusion of our home networks? Can it do as good or better than what an Akita claims?

My upthread answer concerning Akita's offering might have been just a little cynical and flippant. My experience is that 'active defence' technologies are likely to backfire in various ways, thus my jibe about DoSing yourself (meaning doing a Denial of Service against yourself). That's not even counting the various potential downsides of outsourcing that entire task (along with a huge amount of sensitive information about your computing) to some distant group of people you don't even know at all (who in this case are a firm named Axius).

What Linux and the constellation of open source (and proprietary) software codebases for it give you -- that I'm acquainted with -- is an enormous variety of security monitoring and network management kits. Those include, as you noticed, network intrusion detection system (NIDS) codebases such as Snort, OpenWIPS, etc., and host-based intrusion detection systems such as OSSEC.

In general, it would be up to you to configure and deploy that software for your particular purpose and situation. In general, that software would not come preconfigured to actively network-isolate, using ARP table entries or otherwise, devices of yours whose network activity it decides it doesn't approve of (the 'active defence' part that I deem likely to shoot at your feet).

What my upthread comment was intended to suggest, albeit flippantly, is that there's an entire huge discussion you're skipping about what it is, and is not, wise to attempt to do, and why. Perhaps your best move would be to start learning network security at a fundamental level, though I most certainly understand the urge to want to buy a packaged product instead of climbing that mountain.

Bruce Schneier the security writer has a famous saying: 'Security is a process, not a product.' Of course, people selling security products do not concur. ;->

Axius are, I will readily admit, not at all wrong that the emerging Internet of Things is a security calamity waiting to happen. I'm sure they are not the first or the last people who'll argue 'Well, just outsource the entire issue to us, then.'