I love the feature! Can you pull it on pfSense? Could drive people away from the darned proxy stuff.  ;D ;D ;D

I used Astaro/Sophos at home for a couple or three years.

It, like pfSense, takes some getting used to and networking knowledge to make work.

It's URL filtering and Antivirus are an integrated part of the product, and is free to license for home users (or at least it used to be).  If that is important to you, it might be worth a look.

Its hardware requirements are larger.  If you like a more modern GUI, that might be for you, but it's very, very javascript-heavy.  I don't think it'll run on a serial console node, and to run it in a business setting is not cheap.

It's Linux/iptables not FreeBSD/pf.

The 50 local IP address limit is probably going to be enough for most home users.  It used to be 10.  I was one of the people squawking loudly and they eventually upped it to 50.  Never came close to the state limit.

I can't remember why I switched back to pfSense, to tell you the truth.  Probably the less expensive (!) licensing for businesses.

Sophos UTM is a solid product.  Or at least it was since about the time Sophos bought Astaro.  Haven't looked at it much since.

Does he really have to use profanity all thru the video? Makes him look really immature.

I don't think its that big a deal but these guys need something to write about I guess.

And now you are chatting me?

Ohhhhhh…  Yeah.  You are screwed for sure.

Seriously, these days I'd be surprised if some public service wasn't archived forever...

$csrf = substr($buffer, strpos($buffer,'sid:') , 110);

Actually needs to be $csrf = substr($buffer, strpos($buffer,'sid:') , 55); in order to get the csrf token working.
This is because the token length is 55.

We're doing some internal testing yet but it is quite close.

The abacus doesn't even need to exist.  ;)

http://www.newscientist.com/article/dn20775-mental-abacus-does-away-with-words.html

Steve

And if you stop applying patches then you won't get new Microsoft bugs.

Thinking back, I had to buy an winsock2 software just to get wfw 3.11 to connect to the internets..

@stan-qaz:

From the first link:

We built two working privilege escalation exploits that use this effect. One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process. When run on a machine vulnerable to the rowhammer problem, the process was able to induce bit flips in page table entries (PTEs). It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory.

So it isn't a random flip and hope issue but something that can be targeted at a specific machine.

Yeh, that's why I put "random" in quotes. It takes some number of (re)writes to for the bit flips to happen, and it depends on analog charge leakage properties of the memory storage locations. That will vary from location to location, chip to chip, brand to brand… So any attack can be statistically targeted in a way that does make it "possible" to achieve bit flips in something like the bit pattern the attacker is aiming for.

The articles I have seen do not give any idea about how well targeted the bit flipping can be in real life - i.e. on a typical real-world system with other user processes doing real stuff, how many times does the attacking code bugcheck the system, compared to achieving exploitable privilege escalation without bugchecking the system.

To make sheeples see green instead of red….

I think this article nails the case. they have my market at #1 checkmated by Verizon. Totally correct as well.

http://www.techrepublic.com/article/the-google-fiber-lottery/

HFSC is inter-queue and FAIRQ is intra-queue. Another way to put it is HFSC decides which queue goes next and FAIRQ decides which packets leave a queue.

https://blog.pfsense.org/?p=1588

Now hook in some BSDploy (http://docs.bsdploy.net/en/latest/)