Suricata VS wireguard-vyatta-ubnt

Linux has (free) tools to improve security and detect/remove malware: Lynis,Chkrootkit,Rkhunter,ClamAV,Vuls,LMD,radare2,Yara,ntopng,maltrail,Snort,Suricata...

Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the exposed server are also good approaches to protecting yourself.

You could try running Suricata

Check out https://suricata.io/

Suricata: https://suricata.io/ IDS/IPS

Active Measures - Includes (IDS/IPS) such as open-source Suricata or Snort on pfSense, and File Integrity Monitoring (FIM), such as the commercial Tripwire and dated, open-source Tripwire, or the open-source Wazuh installed on servers. These can be combined into a Security Information and Event Management (SIEM) system like the open-source solution, Security Onion. Wazuh itself has evolved into a SIEM.

Active measures may include an intrusion detection system / intrusion prevention systems (IDS/IPS) such as open-source Suricata on the firewall, and installing file system integrity monitoring, such as the open-source Wazuh on the exposed server. These are combined in one open-source solution, Security Onion

Joining serverless environments like AWS Lambda to a mesh network has traditionally been difficult because you can't directly access the network interfaces on the hosts that run your functions. The NetBird netstack mode addresses this by providing a simulated TUN device and a SOCKS5 proxy that targets that device. This allows your Lambda function to access other services in your NetBird network via the proxy.

NetBird simplifies Kubernetes access with its zero-configuration approach, leveraging WireGuard's simplicity and strength. It seamlessly integrates with various tools, offering transparency and high reliability as an open source solution.

WireGaurd

As for remote access, you will need another computer to install tailscale or wireguard vpn to access your local devices https://www.youtube.com/watch?v=AkKz7Vza1rw and the official docs for up to date advice https://www.wireguard.com/ this doesn't require much to run, you can use any old family computer or some old quad core 2nd-4th gen intel desktop for 30 bucks off facebook marketplace. You can also use that same computer to run klipper if you install proxmox and have two separate linux virtual machines.

Um modo mais avançado de se proteger é utilizando protocolos de VPN mais modernos, como o WireGuard. Muitos provedores de VPN oferecem suporte a este protocolo, que além de muito simples de usar e além do mais é open source.

here u find out how wireguard works https://www.wireguard.com/

WireGuard is a VPN protocol developed several years ago which is exremely fast, lightweight, and uses state-of-the art cryptography. Its performance blows legacy VPN's out of the water.

Try vanilla. It solved all my problems bar none.