Not updated since 2.0.1-RELEASE (amd64) built on Tue Dec 13 14:25:00 EST 2011



  • Is there any real reason I should upgrade if I had zero issues and it still runs perfect and it's just for my household? Most security vulnerabilities seems to not affect me, but I could be wrong.



  • Not updated since 2.0.1-RELEASE

    :o  That's almost 5 years old.

    Most security vulnerabilities seems to not affect me, but I could be wrong.

    Ding ding ding ding!

    I don't see any reason as to why not keep it up to date.  It's free, fast, and usually painless.  Even if something goes wrong, you can easily get back up with your saved config.xml backup.



  • Well i'm running the nanobsd version and it takes a bit to upgrade. Then if there are no serious issues why waste the time to upgrade?


  • LAYER 8 Netgate

    Wow.



  • No, I'm serious. Is there any remote security issues that could affect me?



  • Then if there are no serious issues why waste the time to upgrade?

    Do you upgrade your desktop OS and mobile phone?

    Is there any remote security issues that could affect me?

    Maybe?  Nobody is going to go through the list of all bugs fixed & all security advisories over the past 5 years and give you a nice summary.  That's your job.  Of course, if you upgrade regularly then you don't have to worry about that.



  • Maybe?  Nobody is going to go through the list of all bugs fixed & all security advisories over the past 5 years and give you a nice summary.  That's your job.  Of course, if you upgrade regularly then you don't have to worry about that.

    Ye that is probably the thing I want to know. And like you said that's my job and so far it seems ok.



  • The short answer is absolutely yes. You should update, and you should keep up to date. This is a basic precept of security.

    https://www.pfsense.org/security/advisories/
    https://www.freebsd.org/security/advisories.html



  • I read most of those and in no way do they state that my version is vulnerable to anything.

    Edit: And by that I mean they do not talk about issues where you leave the web-gui or similar accessibly to the outside or any remote attacker.



  • Suit yourself.  As a home user, you likely have nothing of value to a human attacker anyway.  I don't have anything of any real value on my home network.  It's not just you that you must consider.  If you somehow become part of a botnet, then you are a participant in what is quickly becoming a massive global problem.  For the most part, I believe you're more likely to get owned by a misconfiguration or a bug in the app stack of a NATed server rather than a zero-day bug in FreeBSD under pfSense.  That said, I would never subscribe to that school of thought.



  • @KOM:

    become part of a botnet

    That is something I haven't thought about! But I still see no evidence of any remote attacks on my version of pfsense.


Log in to reply