How to PREVENT ISP from ACCESSING my PFSENSE?

PowerSing

This post is deleted!

Rico

They can't access pfSense or your networks behind it.
Some ISPs have management access to their customers equipment like the modem/router (TR-069 for example) but that is typically connected to the pfSense WAN side. ;-)

-Rico

kiokoman

now and then someone comes here, pretending that isp or hackers, thanks to some elusive backdoor can do this.
it's a urban myth
they can access the modem before pfsense but nothing after it

JKnott

@PowerSing said in How to PREVENT ISP from ACCESSING my PFSENSE?:

He said that Belgium’s ISP has full access to their clients router/modem even if they are behind opensource firewall like Pfsense.

They have access to the modem and if it's in gateway mode they have access to the built in firewall too, just like here. Pfsense is connected after the modem and they wouldn't have access to it.

johnpoz

Wasn't there recently some thread where someone claimed that Belgium (maybe it was the whole EU) had access to pfsense via some backdoor? Where does this nonsense FUD get started??

Bob.Dig

@johnpoz From blocked Users?

johnpoz

Yeah it would be easier to just delete/block such FUD spreaders... But then again that could just feed their conspiracy nonsense. As they spread it elsewhere and state pfsense deleted my post, etc.

If someone does have legitimate concerns, and wishes to have an open discussion about their concerns, no matter the topic.. Then should be open for discussion.

Let the community respond, be it with scorn an ridicule or information to quell their fears. Normally its the latter - but some of these posts are just out there in the realm of flat earth and fake moon landing sort of nonsense.

If someone feels they have found a legitimate security issue, then appropriate information to support their findings really needs to be provided.. The more outlandish the claims are, the more overwhelming the evidence will need to be.

Whats the saying. ECREE "extraordinary claims require extraordinary evidence"

noplan

@Bob-Dig

regarding to EU LAW this is illegal and so a crime.

yes they have a sort of full access to their modems / routers whatever they call it.
(their = the owner of the device is the ISP)

yes there have been some hard rumors that pfS is not safe and got a backdoor
out here in austria too.

if u r paranoid enough u could believe that your data is so interesting that the ISP
does an man in the middle attack breaks up the ssl leaving the pfS sniffs through the content and wraps it up again to ssl both ways you know same for any VPN connection that runs over that ISP

cmooooooooon ....

but yes in the past there have been som ugly nasty crimes in belgium
and the cyber dev there is one of the finest in europe

br NP

johnpoz

It really is a pretty out there claim, that the EU - which has some of the highest levels of user privacy requirements on the planet. You can not do this or that with user data, you can not collect it, without specific disclosure of what your collecting and what your doing with it.

But then would also have requirements that the government/ISPs has backdoor access into every device connected to the internet?

I mean really?? This akin to saying the government has been putting fluoride in the water for mind control purposes.. Or that the whole covid thing is a plot to implant micro-chips into everyone and its all bill gates behind it ;)

JKnott

@noplan said in How to PREVENT ISP from ACCESSING my PFSENSE?:

yes there have been some hard rumors that pfS is not safe and got a backdoor
out here in austria too.

Pfsense is built with open source software, which means it can be examined for any such backdoor. It is simply not possible to hide a backdoor.

JKnott

@johnpoz said in How to PREVENT ISP from ACCESSING my PFSENSE?:

Or that the whole covid thing is a plot to implant micro-chips into everyone and its all bill gates behind it ;)

WHAT??? That's not true??? I guess I haven't been paying enough attention to QAnon.

noplan

@johnpoz

oh cmonnnn mind control ... with water hey thats so 90ties ;)

yep the GDPR (or in german DSGVO) is a though one

but an ISP grantin his tech Stuff access to their own property (the modem / router) is not a violation of the GDPR

but for real here in the EU there is no such "nasty" thing for us europeans, like the patriot act
to force you by law to hand over what teh feds want, but thats another ballgame.

johnpoz

Here you go

This proves it ;)

noplan

@JKnott

yes i got that point, and then we have to tell em again and again what open source is and how it works, bottom line they dont care, cuz its not cool when u r playin a round of golf and tellin them that u use open source software in your 60 Mio EUR company.

they want to tell yeah i m usin cisco n citrix or bara...

noplan

@johnpoz

welcome to the consulting hell !
;)

kiokoman

Cool_Corona

We will see soon enough.

Currently intelligence agencies in countries in the EU are gong through the code of pfsense and Opnsense.

And testing the shit out of it.

So I will get back with some more info on this topic if and when I have some info to spare.

AKEGEC

Hi, I am from Belgium and I can tell you that Belgium’s ISP Proximus (Belgacom Mobile N.V.) is owned by the Belgium government and it is abusing it’s monopoly power. This is still happening because the corrupt politicians (parasites) don't care what the people want.


@Bob.Dig, if you are referring blocked users as layoffs IT people, then I can tell you that you are wrong. That’s called courage. Just like Edward Snowden.
FYI I had working experience with some great people from the IT industry who worked closely with Belgium’s ISP. Most of them already resigned because they were forced to do things against their morals and values.


@johnpoz, the Belgium people only see the facts and not some conspiracy theory. For example we do believe that Covid-19 started from the Fort Detrick Biological warfare laboratories in Maryland. Because in that same year, people got influenza or pneumonia, they (The New York Times) said it was caused by vaping? lol. And the infected USA soldiers brought to Wuhan for the Military World Games 2019. Why WO/2020/060606? Easy, just connect the dots.

@noplan, they are foreigners who live and work in Belgium.


That being said, no software in this world is 100% attack proof. There are some unknown security holes to explore. Like I found the other day with Pfsense.
Why do you think the developers often updated/patched their softwares?

noplan

@Cool_Corona

and as long as they are testing we continue too

use it
promote it
consult it
support it
even sell it

cuz its a hostile world out there and its better to be prepared to fight

noplan

@C3G3K4 said in How to PREVENT ISP from ACCESSING my PFSENSE?:

Belgacom Mobile N.V.

53.3% + 1 share state owned ..... so far far away from a governmental controlled ISP

its just a european thing to own part of the critical infra structure

but as the folks here (@JKnott @johnpoz @Rico ) mentioned
They can't access pfSense or your networks behind it.

... or as I would add unless you opend your wif on WAN:443 ;)