There isn't such a security bleach that makes these attacks possible in 21.1
Quote from: abcuser2021 on March 26, 2021, 06:37:45 pmQuote from: chemlud on March 26, 2021, 09:07:28 amQuote from: abcuser2021 on March 26, 2021, 07:37:35 am...the moment my raspberry pi (with fresh install OS) on the lan side went online, it got hacked and remotely turn off by the attacker. ...So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?No other LAN clients compromised?No open ports on wan and pi password had been changed to a 16 characters password.The crooked Telco staffs are part of the attackers. They have been attacking my pc, laptops and phones and turning off my devices is part of the their attack.So basically "the Telco staff" is walking through (fire)walls? If your thread modell includes the NSA/GCHQ forget about anything to keep your privacy short of throwing all electronics into the trash.Otherwise consult your doctor for adjustment of medications...
Quote from: chemlud on March 26, 2021, 09:07:28 amQuote from: abcuser2021 on March 26, 2021, 07:37:35 am...the moment my raspberry pi (with fresh install OS) on the lan side went online, it got hacked and remotely turn off by the attacker. ...So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?No other LAN clients compromised?No open ports on wan and pi password had been changed to a 16 characters password.The crooked Telco staffs are part of the attackers. They have been attacking my pc, laptops and phones and turning off my devices is part of the their attack.
Quote from: abcuser2021 on March 26, 2021, 07:37:35 am...the moment my raspberry pi (with fresh install OS) on the lan side went online, it got hacked and remotely turn off by the attacker. ...So it was still user pi / password raspberry? No exposure to the WAN (open ports in OPNsense)?No other LAN clients compromised?
...the moment my raspberry pi (with fresh install OS) on the lan side went online, it got hacked and remotely turn off by the attacker. ...
Quote from: lfirewall1243 on March 26, 2021, 06:47:42 pmThere isn't such a security bleach that makes these attacks possible in 21.1if you download the latest image now and install it on your system and than click on the "update" button, you would see a list of vulnerabilities and those vulnerabilities are published publicly and any attacker can exploit those vulnerabilities to hack into your opnsense firewall while you are updating it and as I have said the update took more than an hour so......there's plenty of time for them to attack the opnsense firewall.
Than proofe that these vulnerabilities are the reason for it.Because even if there's such a vulnerability the WAN is closed.Believe me - it security is part of my job. What You are talking here is bullshit, wrong and just bashingSo don't talk bad about something without facts...
abcuser2021 sole purpose here is to spread misinformation with an attempt to discredit OPNsense.Linux, OpenBSD, Windows and FreeBSD and others normally don't provide up to date downloads unless you download current snapshots or experimental builds. One must download the release version then install all the updates.If you're getting hacked you have some serious problems not related to OPNsense.
I don't see a reason here for discrediting. I asked for details twice but there aren't any. Not even sure which version we are talking about and if it was one that we published or not so from this perspective everything that needed to be done got done. Cheers,Franco
Quote from: lfirewall1243 on March 27, 2021, 06:40:36 amThan proofe that these vulnerabilities are the reason for it.Because even if there's such a vulnerability the WAN is closed.Believe me - it security is part of my job. What You are talking here is bullshit, wrong and just bashingSo don't talk bad about something without facts...Ya right, I'm sure you got Phd. in IT security. WAN is closed all is safe? Really?? You are working in IT security filed?? If WAN is closed all is safe then why the hell do we need IT security expert like you and why there's IPS/IDS etc at all?for one, packet can't be altered to mess up your firewall?I hope the company "hiring" you undestand what they are doing.
Quote from: abcuser2021 on March 28, 2021, 03:13:23 amQuote from: lfirewall1243 on March 27, 2021, 06:40:36 amThan proofe that these vulnerabilities are the reason for it.Because even if there's such a vulnerability the WAN is closed.Believe me - it security is part of my job. What You are talking here is bullshit, wrong and just bashingSo don't talk bad about something without facts...Ya right, I'm sure you got Phd. in IT security. WAN is closed all is safe? Really?? You are working in IT security filed?? If WAN is closed all is safe then why the hell do we need IT security expert like you and why there's IPS/IDS etc at all?for one, packet can't be altered to mess up your firewall?I hope the company "hiring" you undestand what they are doing.I don't say everything is safe when wan is closed.but most people are asking you to give us some facts about it - but no answer, so if you don't know how to use a computer, ask of help or stop it. But don't trollBut I think you're just trolling.[/quoteIt's not about proving and showing how the hacker exploit the vulnerability but recognising not making an updated image available could be a security risk for some users in some other country.The point here is recognising that it is a security risk that need to be sealed off.
Yawn, it's just continuous riffing on the same buzz words, but still nothing specific. ¯\_(ツ)_/¯Cheers,Franco
Quote from: franco on March 28, 2021, 01:49:21 pmYawn, it's just continuous riffing on the same buzz words, but still nothing specific. ¯\_(ツ)_/¯Cheers,FrancoSo... by pointing out - installing an outdated image that filled with security vulnerabilities and took more than an hour to update is a security risk - is not specific enough? ok then you can close this thread now.
