I am a grateful and happy home user of IPFire and trying to learn about using IPS.
The Emerging Threats Community Ruleset is probably sufficient, but you could use the Talos ruleset for registered users. A policy of Balanced-between-Security-and-Connectivity is probably sufficient. If you volunteer for a charity or similar and as a consequence keep either personal or financial information on your home network, you should consider the Talos ruleset for users with subscription, but you should be eligible for the personal use licence, which is much cheaper.
My questions re:
If you volunteer for a charity or similar and as a consequence keep either personal or financial information on your home network, you should consider the Talos ruleset for users with subscription, but you should be eligible for the personal use licence, which is much cheaper.
I don’t understand why a person who volunteers for a charity is mentioned in this paragraph. In other words, I dont understand how a person who volunteers for a charity would be different than a typical home user who does not volunteer. Most people, volunteer or not, would have their own and maybe other people’s (eg an accountant or any home based business) financial or personal info on their home computer.
I dont understand why a person who volunteers for a charity would necessarily have any more personal or financial information on a network than a person who does not volunteer for a charity. Many if not most volunteer positions do not require a person to take on additional financial or personal information and they did, it would not necessarily be on their own home computer, but on the charity’s computer.
I don’t understand how personal or financial information is kept on a home network. To me, information is transmitted thru a network, not kept on it.
This section implies to me that if financial or personal info is kept by a user, then particular rulesets should be used. This implies to me that other certain rule sets somehow are privacy invading, that they will somehow transmit personal or financial data to some third party, and this is a security risk. Is this the point of this paragraph?
I imagine thought that any ruleset should not be privacy invading…
Any clarification on this would be much appreciated.
I hope my questions don’t sound blunt, I honestly do not understand these points and not sure how to ask in a less blunt way
Thank you ahead of time.
PS if this documentation should be edited or re-written, I would be happy to do so (I’m a retired professor and have had some experience writing documentation) but first I need to know how things worrk.