PfSense and Nessus Scans
-
I just scanned my internal network for vulnerabilities with Nessus (http://www.tenable.com/products/nessus).
The scanner flagged my 2.0.3 pfSense box with a critical error.
FreeBSD 8.1 support ended on 2012-07-31. Upgrade to FreeBSD 9.1 / 8.3.
I don't need to pass security audits, and I know pfSense has a very good security record, but this can be a red flag for auditors, especially nitpicky ones.
My concern is getting stuck between a critical risk factor (justified or not, it's an audit), and using software labeled BETA (stigma that auditors and other folks have regardless of how good it is).
It might be a red herring, but I thought I'd put it out there. I just ran the scan and that's the only issue I cannot remediate (the other issues are reasonable, such as running UPnP and mDNS).
-
Nessus isn't smart enough to know we patch FreeBSD on our own as needed for security advisories. 2.0.3 has every relevant security fix backported. A version check doesn't actually mean anything in this case. Nothing to see here. ;D
-
If I get audited, I'm giving them a link to this post. :)