Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    FreeBSD Patches DoS Vulnerability

    Firewalling
    2
    3
    682
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ghostshell
      ghostshell last edited by

      http://threatpost.com/freebsd-patches-dos-vulnerability/108343

      Should we manually update via the patch listed i the article?

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        No.

        This is of minimal impact to pfSense because:

        1. This is for connections to a FreeBSD, not through a FreeBSD system – on pfSense, most traffic is through (LAN to WAN, for example) and not to the firewall directly.

        2. A stateful firewall mitigates the problem. Using pf is mentioned as a workaround in the SA, and if you're running pfSense, you're already doing that unless you manually disabled pf.

        So to summarize, unless you have 1. disabled pf, and 2. run open services to the world on the firewall with pf disabled, it likely does not impact you.

        To me, it's not enough to warrant another 2.1.x release on its own, but we will have the fix on 2.2.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • ghostshell
          ghostshell last edited by

          kinda thought so since PF is not listed anywhere as being affected, but since the base is FreeBSD thought just to be safe, ask

          1 Reply Last reply Reply Quote 0
          • First post
            Last post