Admin password changed itself. Twice. Yes it did.
-
@jwt:
I’m asking what you would pay for pfSense on espresso.bin.
Doh… Of course, I misread your question as I was rushing to get out of the office.
Umm that's a good question. I can afford another $50 on top of my gold subscription.
-
-
@jwt:
-
Ignore the problem, and continue to put the trademark at risk
-
Close down 'free" pfSense. Forever.
-
Invest the time and resources in making sure that nobody can load pfSense without authorization from Netgate
We have, I think, played more than fair to this point, but this type of thing puts the business at risk in may ways.
I'm curious what the community thinks.
A subscription model would preferable to closing down 'free' pfSense.
-
-
@jwt, you may want to pull out some of this discussion (the what can/should we do) into a separate topic for wider community input.
My couple of cents:
Licensing: most/all of pfSense is it BSD or BSD-ish License? If so, that gives you one set of options. Other licenses (GPL, et al) mean other things.Defend the trademark as vigorously as possible, don't just give up on it.
Make it clear on the front page of the website that the only official systems preinstalled are from NetGate. Anything else is "buyer beware"."free" pfSense: this is a similar situation to ixSystems and FreeNAS, no? There is value to providing a user downloadable version for use on their own hardware. What you need to do is differentiate it enough from the officially installed on Netgate hardware so folks will try the free version and then buy the preinstalled. I know, hard to do. You can't cripple the free version, you need to make the preinstalled version have useful bells and whistles. The free version also lets people that have the ability and desire generate patches for you.
Activation keys: I understand the reason and logic, but have never liked them. Too much like a "you paid money for this but we're going to control your ability to run it". Is it a "one and done" so I can reinstall on different hardware as much as I want? Is it tied to a specific version of pfSense on a specific hardware platform meaning I can't move it to different hardware if something dies? Do different features require different activation keys? Are the keys going to expire (yearly subscription)?
I don't know what's right for the project, I've always been fine with paying a resonable price for something I need and for my home use the SG2440 was more than I needed but it was a reasonable price.
-
This thread been mentioned on the reddit pfsense section.. One of the comments pointed out the seller of that box also sells a pc.. And states this on the specs.. If you want the link find it on the reddit thread..
"System: Free Operating System: Default installed our activated OEM cracked version(not genuine, works good)Windows English for free,
other languages can be selected among: "WTF?? This is starting to turn into a get some popcorn sort of thread ;)
-
WTF indeed.
-
I'll add in another WTF. @johnpoz, I don't spend much/any time on reddit, so did not realize the exposure. Thanks
-
Grab the popcorn and enjoy… Mr Robot started early. :-[
-
@mer:
I don't spend much/any time on reddit
Not missing much there - at least not in the pfsense sub ;) Its better than the facebook pfsense stuff, but lots of WTF threads there all the time - hehehe
edit: There was a comment to the OP competence that gave me a nice chuckle..
-
"System: Free Operating System: Default installed our activated OEM cracked version(not genuine, works good)Windows English for free,
other languages can be selected among: "Ah one of those. I bought a Cube i10 a while back for my fiance, only to find both Android and Windows had been hacked up so bad as to be unusable. Completely untrustworthy.
-
@jwt:
I’m not asking what you would pay for the hardware.
<snip>I’m asking what you would pay for pfSense on espresso.bin.</snip>To echo strigona, somewhere around $100/150-ish; for what I'd need it for…home lab. If I were looking to procure something for my job, I'd entertain the idea of a scaled model, perhaps based on number of users or some such.
-
Not missing much there - at least not in the pfsense sub ;) Its better than the facebook pfsense stuff, but lots of WTF threads there all the time - hehehe
edit: There was a comment to the OP competence that gave me a nice chuckle..
I'm the OP.
I'm glad you had a chuckle at my expense. We all need to feel that "Thank God it wasn't me this time" feeling once in a while. I made a fool of myself in this instance, and yes I was under pressure to find an inexpensive solution, quickly, for a customer without the budget for an enterprise-class Cisco firewall. I'm pretty comfortable with my competence, as specialized in the Cisco realm as it may be. I guess I just got used to dealing with a reputable vendor.I'm totally comfortable with the idea that my mistake has spawned an important and wide-ranging discussion of the issue, of this particular vendor, and of the direction the discussion has gone.
As I said, I have a well-developed sense of humility. If my very public faceplant serves as a lesson to others, well, teaching is what I do best.
-
I'm the OP.
Hey, live and learn. There are a tremendous number of variables in this industry. Stuff happens. As mentioned, you are not the only one to have blown $ on crap gear!
I hope you get some answers about that firewall and what traffic it might be generating.
-
Don't take my comment about the comments on reddit thread the wrong way.. I was just commenting on the flavor of the comments over there.. They were not my comments..
In the big picture this thread and reddits thread might draw some much needed attention to the crap that is out there, etc. And hopefully people that were not aware of how some not so nice people try and profit off of pfsense good name, etc.
-
Any merit in locking an email address to a MAC address of a box or a box ID? Even for CE users. Obviously, those email addresses would be verified. Until verified and tied to an account of some sort the firewall can't be configured etc. 3rd party suppliers would soon get sick of having to register an email, sending a verification, registering the ID or MAC Address. Users such ourselves wouldn't mind - we could use an admin email of the company we are installing PFSense for - tied to the MAC or ID of the box. If the box gets changed then we would need to re-verify. Probs wouldn't take too long to sort.
-
If this is the topic with justification to stop the "open-source pfSense" then just do it, it fit like a glove, maybe other projects will fill the gap.
One new user with "20 years certified experience IT" registered in the same day it is opening this tread about his 0 experience configuring his first pfSense firewall from a shady source, in the same time he is very keen to buy another few pfsense this time from certified source… :-[
Some people smoke to much and look where this topic it is going... next you can't configure on site an open source firewall without subscriptions, valid license, emails registered... wtf ?
In the time put a damn banner on the site & forum with warning for all IT experts and then hire another marketing director for business.
john..., doc... god help us please !
-
Please leave drama and speculation out of this forum.
@ecfx:If this is the topic with justification to stop the "open-source pfSense" then just do it, it fit like a glove, maybe other projects will fill the gap.
As said numerous other times, pfSense is and will remain open source. Please do not speculate or take things out of context.
@ecfx:
One new user with "20 years certified experience IT" registered in the same day it is opening this tread about his 0 experience configuring his first pfSense firewall from a shady source, in the same time he is very keen to buy another few pfsense this time from certified source… :-[
[/quote]Are you implying that it did not happen or that OP is associated with us? That's very easy to check. But first, don't be rude and condescending to OP. Not everyone knows about pfSense and that's fine. OP was very honest so no need for attacks just because he's new with pfSense.
@ecfx:
Some people smoke to much and look where this topic it is going… next you can't configure on site an open source firewall without subscriptions, valid license, emails registered... wtf ?
In the time put a damn banner on the site & forum with warning for all IT experts and then hire another marketing director for business.
john..., doc... god help us please !
Noted but I would suggest your improve attitude and stop with speculation. Stay on topic.
-
The writing has been on the wall for quite some time. Granted changes need to be made to protect trust in the brand. As intuition and observations explain they are and have been in the flow for just as long as assumptions. How those changes blossom will permanently define pfSense / Netgate, as I imagine the inner circle has the vision of end result.
I would also imagine 'the team' is well aware this is not by far the first organization to get to this point. As well, the mistakes others (list hundreds of open source companies here) may have made in the best interests of the purpose behind such long term development, and why it has been defined as the go to for not only learning experience, but faith and trust in the software / brand itself.
Where {mistake; dis-enfranchising end users} or free/open source pitting against said companies foothold within enterprise funding environment(s) or lack thereof.
No need to list everything that has failed along these line with so many organizations, anymore than to toss caution to the wind and close latest production repos to anyone without subscription, this is much larger than that.
The simple fact is, there is no alternatives to what we are utilizing here to maintain / protect and facilitate our networks in the depth and fullness we get from pfSense, it simply does not exist. Within it's current scope of use.
'WE' the community at this point must do the policing, after all, this gift of many facets we have been permitted has not been without many years of strategy and misadventures and struggles untold along the way.
It only stands to reason , if 'we' expect to continue to be a part of free and open source entities and benefit from them , we must give back in some way. No? It's time to protect what we use to protect us.
A couple simply ways this can be done would be to call it out when we see it.
A better way would be to go looking for it. Instead of taking those 15 minutes to go read /r/whateverhere and laugh or /getyourrocksoff how about taking even half that time and search for it. Scammers liars and thieves can hide.
Go search for what you may already have, find who is dealing it, see something against policy, attack it with the proper means, expose it.
Take two minutes when you see something verifiable incorrect such as this thread points out, post it's a scam on whatever media you use, (what I mean here is groupthink is trash, get the issue out in the wild, no sense preaching to the choir, we already know, not to say don't post it when you see it here )sure, the scammer will run and hide, but the purpose is to build question in the minds of the people, once an interested (in pfSense) person has been enlightened even in the slightest fashion, they will look further and see the scam. And in turn find the real deal.
Yes, it's a form of social engineering. For no other purpose than to protect our fellow enthusiast and the brand we ourselves trust daily.
-
I don't really think that there is something compromised in pfSense on that non official piece of hardware, I do think it's just broken, corrupted or whatever else. If you feel your copyrights are violated, go to court, this is the right way. If you want to stop distribution of free version of pfSense for any reason, just stop it and see what happens, but I don't think this really can help you stop those sellers to pre install and sell anything they will call pfSense even if it's not.
-
Imo if your stuck with the hardware, wipe the drive (make sure all partitions are wiped) and do a fresh install. In theory the config backup "should" be ok, but since someone is already to be know to jack with the os install….i'd just take some screenshots of your config and build it up from scratch. If your suspicious of any bios-level modifications after a fresh install leave it in a corner powered on with the auto-updating disabled and start sniffing it's wan port for a week. As others have mentioned, Netgate hardware is there and works well (beyond being clean).
FWIW, Netgate does sell some offerings on Amazon (a suggestion for Netgate, you may want to add the higher end models there...even if at an adjusted price level to cover the Amazon "tax" so the sales page can provide some detail around the licensing and how some 3rd party sellers are doing shady things).
As someone who has been using x86 builds of pfSense for almost 13 years (now I feel old) the ARM solutions were originally design for cost and power considerations. They scale much better than before but in larger deployments the x86 (now x64) builds scale better (Netgate does offer both of these as well as support offerings if you need it).
@jwt:
..But when will the community learn that hardware sales are what pays for the engineering time and talent, the testing, the documentation, and the infrastructure (on-line and offline) that goes into making pfSense software available to them?
Historically this wasn't case, as time has evolved this has become the case. For a product that was originally designed as a fork of mono with a much better interface and a more modern underlying kernel (FreeBSD 4.x driver support was horrible) it was never originally a commercial offering. This came later initially with stickers, hats, shirts, ect and expanded from there to where it is today. Netgate has always provided a decent value add for businesses who needed active support contracts and an off the self solution (IMO).
