1
General Discussion / It's Wrong Not To Have An Update Up-To-Date Image On The Download Server
« on: March 26, 2021, 07:37:35 am »
It's wrong to put an outdated and vulnerabilities filled opnsense image file on the download page. The image file should be updated as frequently as possible (it should at least be updated on a weekly basis).
It took me just a few minutes to down the image file but an hour plus to update it to the latest version. That one hour long update is enough for an attacker to break into my system. I installed the opnsense image and updated it to the latest version and setup everything nicely but the moment my raspberry pi (with fresh install OS) on the lan side went online, it got hacked and remotely turn off by the attacker.
So you see, it's wrong not to patch the image file to the latest and equally wrong not to pack the latest ET rules into the image file.
It took me just a few minutes to down the image file but an hour plus to update it to the latest version. That one hour long update is enough for an attacker to break into my system. I installed the opnsense image and updated it to the latest version and setup everything nicely but the moment my raspberry pi (with fresh install OS) on the lan side went online, it got hacked and remotely turn off by the attacker.
So you see, it's wrong not to patch the image file to the latest and equally wrong not to pack the latest ET rules into the image file.