Messages

1

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: October 18, 2018, 07:11:19 pm »

Hi @jjanzz,

We're currently working with OPNsense for the integration. As a part of this process, OPNsense started providing some of our dependencies. We'll update our installer and package to be compatible with the latest changes on OPNsense package repository, soon.

It seems that some of the dependencies not satisfied (namely, some configuration files of elasticsearch, and some java dependencies). We'll fix this urgently.

Right now, you can register for download and we'll send you a download link as soon as we fix the dependency issue.

2

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: October 16, 2018, 12:49:50 am »

@Csykes27 thanks for reporting. We've heard this issue for the first time actually. Let's debug what is causing this together.

I shall be contacting you soon to resolve the issue.

3

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: August 31, 2018, 01:10:20 am »

Hi @mimugmail,

I am Hayati from SVN team.

As you probably know that TLS 1.3 has been finalized in this month after 28 drafts. TLS 1.3 will obviously dominate over other versions and most of the Linux/Unix distros and libraries should be giving support for it, sooner or later. This is no different for us.

We've been closely watching its progress and discussions on the TLS working group during our whole product development. So we expected and prepared for it, and Sensei's TLS inspection has been designed by taking TLS 1.3 into account. We'll be able to provide TLS 1.3 inspection without downgrading TLS version.

We expect the transition to TLS 1.3 in the field will start with the popular tls libraries following with the applications that are dependent on them. This will take some time. We target to be among the first network security providers to support TLS 1.3 with its most potential.

I've uploaded a video to SVN youtube channel illustrating TLS Inspection in action: https://www.youtube.com/watch?v=krG_VKt2_qk

4

18.1 Legacy Series / connection to a nonserving port on localhost

« on: July 06, 2018, 07:08:35 pm »

Hi,

I want to learn the reason why a connection to the localhost for a non-listening port not getting "connection refused".

For instance let's say port 7777 is not listening on localhost.

The command:

curl localhost:7777

does not get connection refused error, but it just waits. When I do a tcpdump all I can see is a Syn packet. No Syn+Ack or rest. When I look at the fw rules, it says that it has passed as below:

Code: [Select]

fw filterlog: 72,,,0,lo0,match,pass,in,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,10193,7777,0,S,3958098552,,65228,,mss;nop;wscale;sackOK;TS
fw filterlog: 73,,,0,lo0,match,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,10193,7777,0,S,3958098552,,65228,,mss;nop;wscale;sackOK;TS

It is a clean opnsense installation, and all updates are made.

Thanks