It's Wrong Not To Have An Up-To-Date Image On The Download Server

Started by abcuser2021, March 26, 2021, 07:37:35 AM

It's wrong to put an outdated and vulnerability-filled OPNsense image file on the download page. The image file should be updated as frequently as possible (it should at least be updated on a weekly basis).

It took me just a few minutes to download the image file but an hour plus to update it to the latest version. That one-hour-long update is enough for an attacker to break into my system. I installed the OPNsense image and updated it to the latest version and set up everything nicely, but the moment my Raspberry Pi (with a fresh OS install) on the LAN side went online, it got hacked and remotely turned off by the attacker.

So you see, it's wrong not to patch the image file to the latest and equally wrong not to pack the latest ET rules into the image file.

Sure, just make sure to fund the work hours required to vet images for publication.

You see, publishing images is not the same as making sure they work.


Cheers,
Franco

Quote from: abcuser2021 on March 26, 2021, 07:37:35 AM
...the moment my Raspberry Pi (with a fresh OS install) on the LAN side went online, it got hacked and remotely turned off by the attacker.
...

So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?

No other LAN clients compromised?
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

Felix Eichhorn's premium cat food with the extra portion of energy

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

Wait what we are talking experimental ARM images? Hooray for open source :)

Quote from: franco on March 26, 2021, 09:59:56 AM
Wait what we are talking experimental ARM images? Hooray for open source :)

I always thought that my English is not that bad, but sometimes I simply don't get it... :)

You mean something like this:

https://forum.opnsense.org/index.php?topic=12186.msg105654#msg105654

?
kind regards
chemlud


ARM is the future! Go ahead ;-)
kind regards
chemlud

Quote from: abcuser2021 on March 26, 2021, 07:37:35 AM
It's wrong to put an outdated and vulnerability-filled OPNsense image file on the download page. The image file should be updated as frequently as possible (it should at least be updated on a weekly basis).

It took me just a few minutes to download the image file but an hour plus to update it to the latest version. That one-hour-long update is enough for an attacker to break into my system. I installed the OPNsense image and updated it to the latest version and set up everything nicely, but the moment my Raspberry Pi (with a fresh OS install) on the LAN side went online, it got hacked and remotely turned off by the attacker.

So you see, it's wrong not to patch the image file to the latest and equally wrong not to pack the latest ET rules into the image file.

IDK what you have done, but I don't think that's the fault of an OPNsense 21.1 system
(Unofficial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

Quote from: franco on March 26, 2021, 09:00:44 AM
Sure, just make sure to fund the work hours required to vet images for publication.

You see, publishing images is not the same as making sure they work.


Cheers,
Franco

There's no need to update all mirror sites' image files every week if there's no manpower to do so, but an up-to-date image that includes all security fixes should be made available to users on the OPNsense website.


Quote from: franco on March 26, 2021, 09:59:56 AM
Wait what we are talking experimental ARM images? Hooray for open source :)

No, it's not an ARM image. The Raspberry Pi is a client on the LAN network.

There's still essential context missing from your request plus ambiguity regarding what an up to date image is? 6 months? More, less?


Cheers,
Franco

Quote from: chemlud on March 26, 2021, 09:07:28 AM
Quote from: abcuser2021 on March 26, 2021, 07:37:35 AM
...the moment my Raspberry Pi (with a fresh OS install) on the LAN side went online, it got hacked and remotely turned off by the attacker.
...

So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?

No other LAN clients compromised?

No open ports on WAN, and the Pi password had been changed to a 16-character password.
The crooked Telco staff are part of the attackers. They have been attacking my PC, laptops and phones, and turning off my devices is part of their attack.

Quote from: franco on March 26, 2021, 06:28:34 PM
There's still essential context missing from your request plus ambiguity regarding what an up to date image is? 6 months? More, less?


Cheers,
Franco

Whenever there's a base update or security fix, the image file should be updated and published on a daily or weekly basis.

Quote from: abcuser2021 on March 26, 2021, 06:37:45 PM
Quote from: chemlud on March 26, 2021, 09:07:28 AM
Quote from: abcuser2021 on March 26, 2021, 07:37:35 AM
...the moment my Raspberry Pi (with a fresh OS install) on the LAN side went online, it got hacked and remotely turned off by the attacker.
...

So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?

No other LAN clients compromised?

No open ports on WAN, and the Pi password had been changed to a 16-character password.
The crooked Telco staff are part of the attackers. They have been attacking my PC, laptops and phones, and turning off my devices is part of their attack.

There isn't such a security breach that makes these attacks possible in 21.1

Quote from: abcuser2021 on March 26, 2021, 06:37:45 PM
Quote from: chemlud on March 26, 2021, 09:07:28 AM
Quote from: abcuser2021 on March 26, 2021, 07:37:35 AM
...the moment my Raspberry Pi (with a fresh OS install) on the LAN side went online, it got hacked and remotely turned off by the attacker.
...

So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?

No other LAN clients compromised?

No open ports on WAN, and the Pi password had been changed to a 16-character password.
The crooked Telco staff are part of the attackers. They have been attacking my PC, laptops and phones, and turning off my devices is part of their attack.

So basically "the Telco staff" is walking through (fire)walls? If your threat model includes the NSA/GCHQ, forget about anything to keep your privacy short of throwing all electronics into the trash.

Otherwise consult your doctor for adjustment of medications...
kind regards
chemlud