Nessus Scan of PfSense Box



  • I get this alert when i scanned my local LAN.

    CRITICAL

    Unsupported Unix Operating System

    Description
    According to its version, the remote Unix operating system is obsolete and is no longer maintained by its vendor or provider.

    Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.
    Solution
    Upgrade to a newer version.
    Output

    FreeBSD 8.3 support ended on 2014-04-30.
        Upgrade to FreeBSD 10.1 / 10.0 / 9.3 / 8.4.

    For more information, see : http://www.freebsd.org/security/

    My current pfsense box info is below

    Version 2.1.5-RELEASE (i386)
    built on Mon Aug 25 07:44:26 EDT 2014
    FreeBSD 8.3-RELEASE-p16

    You are on the latest version.

    Is there a later OS for pfsense ?



  • 2.2



  • why would my box not see that as a latest version and does that use a new version of FreeBSD newer than 8.3?

    where / how do i upgrade it from the current box?


  • Banned

    No offense, but perhaps reading some threads on this forum would prevent similar questions.  :o ::)



  • 2.2 is not released yet. Soon. It's based on 10.1 It should show up as an upgrade within a week or so.
    2.1.5 is based on 8.3. While it's not a current version of FreeBSD, the pfSense team has addressed security concerns in a timely fashion.
    pfSense is not generic FreeBSD, so the warning is not valid, IMHO.


  • Netgate Administrator

    ^Exactly.
    Whilst 8.3 may no longer be supported by FreeBSD it is supported the pfSense team. They have backported relevent security patches. It's safe to ignore that warning.

    There was an almost identical thread to this a while ago…..
    Edit: Not the one I was thinking of but: https://forum.pfsense.org/index.php?topic=60970.0

    Steve



  • thanks for the replys, i have updated to 2.2 RELEASE now anyway to will rescan again soon as see what comes up


Log in to reply