Skynet Skynet - Router Firewall & Security Enhancements

[CarlyElise]

Do you also happen to have Stubby DNS installed? In my experience, that was the script causing issues with Steam - not Diversion or Skynet.

No I do not or should I say I don’t know if I am... haha... I am not very experienced in this arena... only know enough to learn a little more and be dangerous. lol

 

[Adamm]

Thanks Guys. I have Skynet up and running. I have been running Pi-Hole as my DNS server. Is there any reason why I shouldn't continue to run Pi-Hole along side of Skynet now?

Skynet = IP based blocking
PiHole = DNS based blocking

If you were to add Diversion to your router, you could essentially get rid of Pi-Hole as they do the same job, except you can have the DNS Adblocker (Diversion) running right on your router.

I don’t suppose anyone out here could help me get this installed on a GT-AC5300??? No Merilin (



Asus GT-5300
TP-Link T2600G-18TS, TP-Link, Archer A7
Splunk 7.2.6, Homemonitor 4.5.1, Splunk Stream

Unfortunately Skynet only supports Merlin based firmware, ipset and other functionality isn't available in the stock firmware.

Do you also happen to have Stubby DNS installed? In my experience, that was the script causing issues with Steam - not Diversion or Skynet.

I don't think stubby would be the issue either, stubby is based around encrypting DNS requests which have no actual impact on line speed.

 

[EeK]

I don't think stubby would be the issue either, stubby is based around encrypting DNS requests which have no actual impact on line speed.

I posted about my issue on the thread dedicated to Stubby, but, in summary, I found out that it was causing problems with Steam, namely: abnormally low download speeds (updates being downloaded at 8 Kbps on a 300 Mbps connection) and the Steam website/store not loading or taking ages to load. Uninstalled the script and everything went back to normal.

Still waiting for a reply on the other thread to find out what exactly is going on between Stubby and Steam.

Edit: I realize that the post to which I originally replied (by @Ubimo) is from 2018, but it was the only mention of Steam issues with any of the scripts I'd installed on my router, and I found it when looking for answers on the SNB forums.

 

[CarlyElise]

Skynet = IP based blocking
PiHole = DNS based blocking

If you were to add Diversion to your router, you could essentially get rid of Pi-Hole as they do the same job, except you can have the DNS Adblocker (Diversion) running right on your router.



Unfortunately Skynet only supports Merlin based firmware, ipset and other functionality isn't available in the stock firmware.



I don't think stubby would be the issue either, stubby is based around encrypting DNS requests which have no actual impact on line speed.

Can I ask you an sort of off topic question? I have had a fairly awful experience with the GT-AC5300 and am planning on returning it and purchasing the RT-AX88U and wondering what your thoughts are. It looks to be comparable and can run Merlin which is something I would like. Thanks in advance.

 

[jsbeddow]

Can I ask you an sort of off topic question? I have had a fairly awful experience with the GT-AC5300 and am planning on returning it and purchasing the RT-AX88U and wondering what your thoughts are. It looks to be comparable and can run Merlin which is something I would like. Thanks in advance.

Yeah, that is more than a little bit off-topic for this thread, try searching and/or reading through here for general assessments of the RT-AX88U:
https://www.snbforums.com/threads/asus-rt-ax88u-experiences-discussion.49427/

 

[martinr]

Can I ask you an sort of off topic question? I have had a fairly awful experience with the GT-AC5300 and am planning on returning it and purchasing the RT-AX88U and wondering what your thoughts are. It looks to be comparable and can run Merlin which is something I would like. Thanks in advance.

Welcome to the forum.
No personal experience but I ran a quick Google search (in preference to a forum search) to get a feel for its reliability (search terms like: asus merlin RT-AX88U) and this thread popped up, which might be if interest:

https://www.snbforums.com/threads/asus-rt-ax88u-experiences-discussion.49427/

Certainly, you are right to ask before buying: some models seem to be considerably more reliable than others, or, a better way of putting it would be to say that one or 2 models do seem to have some quirky issues.

From personal experience I can say that, unless you need some top-of-the-range feature, the RT-AC68U is unlikely to cause you any (hardware) problems.

 

[truglodite]

Do you also happen to have Stubby DNS installed? In my experience, that was the script causing issues with Steam - not Diversion or Skynet.

Thanks for posting this! Sounds like folks may need to start pinging steam about the issue... as DoT rolls out they'll definitely need to fix it.

My son just got Rust and it was really slow loading (in fact I never personally saw it actually load up after watching it for 10min, but my patient son says it eventually loads, LOL). Now I think I know why. His laptop is now bypassing stubby and using opendns family (via lan dns filter)... loads up fast now.

Kevin

 

[EeK]

Thanks for posting this! Sounds like folks may need to start pinging steam about the issue... as DoT rolls out they'll definitely need to fix it.

My son just got Rust and it was really slow loading (in fact I never personally saw it actually load up after watching it for 10min, but my patient son says it eventually loads, LOL). Now I think I know why. His laptop is now bypassing stubby and using opendns family (via lan dns filter)... loads up fast now.

Kevin

No problem. I'd only found one instance of someone having issues with Steam on these forums and I'm glad I was able to pinpoint the culprit and publicize the issue, so other users like you can see it (even if Valve are the ones at fault).

For now, I'm keeping Stubby uninstalled.

 

[Treadler]

No I do not or should I say I don’t know if I am... haha... I am not very experienced in this arena... only know enough to learn a little more and be dangerous. lol

A bit of that goes on around here - me too!

 

[Skeptical.me]

Just a quick question,

If I have Skynet (and Diversion) do I really need AiProtection enabled? Currently I have AiProtection switched off. But I was just wondering as Skynet sounds like it takes care of a lot of the security features AiProtection offers (however, my knowledge is limited).

 

[Butterfly Bones]

Just a quick question,

If I have Skynet (and Diversion) do I really need AiProtection enabled? Currently I have AiProtection switched off. But I was just wondering as Skynet sounds like it takes care of a lot of the security features AiProtection offers (however, my knowledge is limited).

See Adamm's reply to another person asking the same question.
https://www.snbforums.com/threads/r...urity-enhancements.16798/page-227#post-486086

 

[Treadler]

Just a quick question,

If I have Skynet (and Diversion) do I really need AiProtection enabled? Currently I have AiProtection switched off. But I was just wondering as Skynet sounds like it takes care of a lot of the security features AiProtection offers (however, my knowledge is limited).

IMHO, Skynet, AiProtect & Diversion complement each other.
They ‘play nice’ together.
Work well for me.

 

[Skeptical.me]

See Adamm's reply to another person asking the same question.
https://www.snbforums.com/threads/r...urity-enhancements.16798/page-227#post-486086

Data Collected:

• Product information, such as MAC address, device ID,
• 1. **Public IP address of the user’s gateway to the Internet
• Mobile/PC environment
• Metadata from suspicious executable files
• 2. **URLs, Domains and IP addresses of websites visited
• Metadata of client/device managed by gateway product
• Application behaviors
• Customer behavior [See Hedwig]
• Information from suspicious e-mail, including sender and receiver email address, and attachments
• Detected malicious file information
• Detected malicious network connection information
• Debug Logs
• Network Architecture/Topology
• 3. **Screen capture of errors

According to: https://www.trendmicro.com/en_us/about/legal/privacy-policy-product.html the above information is collected ... does anyone know which AiProtection services I can switch off to stop the collected information I have highlighted? I know you guys have probably heard this a thousand times over, but I just feel a bit uncomfortable about these things being collected.

 

[Butterfly Bones]

Data Collected:

• 
  
  
  • Product information, such as MAC address, device ID,
  • 1. **Public IP address of the user’s gateway to the Internet
  • Mobile/PC environment
  • Metadata from suspicious executable files
  • 2. **URLs, Domains and IP addresses of websites visited
  • Metadata of client/device managed by gateway product
  • Application behaviors
  • Customer behavior [See Hedwig]
  • Information from suspicious e-mail, including sender and receiver email address, and attachments
  • Detected malicious file information
  • Detected malicious network connection information
  • Debug Logs
  • Network Architecture/Topology
  • 3. **Screen capture of errors

According to: https://www.trendmicro.com/en_us/about/legal/privacy-policy-product.html the above information is collected ... does anyone know which AiProtection services I can switch off to stop the collected information I have highlighted? I know you guys have probably heard this a thousand times over, but I just feel a bit uncomfortable about these things being collected.

See this article. I blacklisted all URLs listed using Diversion.
http://www.weatherimagery.com/blog/asus_trendmicro_data_collection/

 

[Skeptical.me]

See this article. I blacklisted all URLs listed using Diversion.
http://www.weatherimagery.com/blog/asus_trendmicro_data_collection/

Thank you, I'll give it a read now.

 

[Skeptical.me]

See this article. I blacklisted all URLs listed using Diversion.
http://www.weatherimagery.com/blog/asus_trendmicro_data_collection/

Holy C$%p ... I'm blocking those now. I've actually seen those addresses before but I wasn't sure were to block them. But if it's just a matter of blocking them in Diversion I can do that quite quickly.

Thanks for that, mate.

I am someone who cares to seek to minimize privacy intrusion.

 

[martinr]

See this article. I blacklisted all URLs listed using Diversion.
http://www.weatherimagery.com/blog/asus_trendmicro_data_collection/

And so far as you know, all elements of AIProtection continue to function?

On the Admin page, Privacy tab, there are 2 “Withdraw” buttons. I was tempted to press the bottom one and then go and see if any of the sliders in AIProtect had shifted to OFF, but I like your solution, especially if nothing breaks.

 

[Butterfly Bones]

Holy C$%p ... I'm blocking those now. I've actually seen those addresses before but I wasn't sure were to block them. But if it's just a matter of blocking them in Diversion I can do that quite quickly.

Thanks for that, mate.

I am someone who cares to seek to minimize privacy intrusion.

Yes, I was attempting to do it in Skynet, but there are so many hosts that finding all those IPs was daunting. Skynet is IP based where Diversion is host name based, so I added them there.

 

[Butterfly Bones]

And so far as you know, all elements of AIProtection continue to function?

On the Admin page, Privacy tab, there are 2 “Withdraw” buttons. I was tempted to press the bottom one and then go and see if any of the sliders in AIProtect had shifted to OFF, but I like your solution, especially if nothing breaks.

Yes, AIprotection seems to work. I rarely get hits there, but I do occasionally, like shopping for new eyeglasses the other day, one site triggered 41 blocks!

I turned off those permissions, but to use AIProtection, one needs to be back on. I use Asus DDNS and the other is on. I do not need to access my router remotely very often, but I will be gone two months this summer, and want to make certain I can access via my VPN servers, so I have it setup. Just need to investigate other / better resources for DDNS.

 

[Skeptical.me]

Yes, AIprotection seems to work. I rarely get hits there, but I do occasionally, like shopping for new eyeglasses the other day, one site triggered 41 blocks!

I turned off those permissions, but to use AIProtection, one needs to be back on. I use Asus DDNS and the other is on. I do not need to access my router remotely very often, but I will be gone two months this summer, and want to make certain I can access via my VPN servers, so I have it setup. Just need to investigate other / better resources for DDNS.

Awesome! I've done it, and everything seems to be working well.

Thanks again!