• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

What is the biggest attack in GBPS you stopped

Scheduled Pinned Locked Moved
General pfSense Questions
33
737
544.0k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    doktornotor Banned
    last edited by May 15, 2015, 7:56 AM

    @NOYB:

    And that the pfSense team doesn't really seem to be very engaged in figuring it out so it can be fixed doesn't instill any confidence that it will be fixed anytime soon.  In fact it indicates that they either have no idea what's causing the issue, or that they do know and know there is no timely fix on the horizon.  So down play it.  Just multiplies the sentiment.

    As I have pointed out - when you are dissatisfied with the way a vendor handles a perceived security issue, then do a proper full disclosure. This thread is at page 18 with about zero useful information. ("Oh noes, pfS suxxx", "PM me to get p0wn3d", "Watch this YT video to see pfS GUI die" or "I had a nice talk with Mr. Unknown" and similar noise does not count as useful, really.)

    1 Reply Last reply Reply Quote 0
    • S
      Supermule Banned
      last edited by May 15, 2015, 7:59 AM

      Then why dont you enlist and try to help if you are that good?

      And then we can shower the thread with useful information and make a full disclosure?

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by May 15, 2015, 8:02 AM

        Enlist for what? PM me to get p0wn3d and I'll produce another YT video? Kidding, right…  ::) There are these FreeBSD mailing lists or https://www.freebsd.org/security/ if you think it's a security issue.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by May 15, 2015, 8:09 AM

          DEFCON's coming up.  Give a presentation and take down their shit.  I think they rely on BSD/pf.  Want attention?  That'll get it.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • L
            lowprofile
            last edited by May 15, 2015, 8:47 AM

            @Nullity:

            I love you to bro.

            Thanks for trying to spread some negativity and get a pfSense vs Fortigate fight going on your way out. You will be missed.

            No fight here. Try to understand my decision. I can't run a business with these conditions. I hope it will get better in future, but i can't wait. I made a PoC which conclude the obvious issue… = pfsense.

            @kejianshi:

            I'm really seeing the logic in the point that others talked about, several times actually…

            The end users firewall really isn't the place to stop or mitigate a DDOS.

            You are 100% right, thats why you should read my post again.  :)

            @tim.mcmanus:

            I run pfSense on multiple WANs and LANs on the same box for my business.  I'm also hosting multiple web servers and mail servers.  Never once taken down by any attacks.

            What are you doing to subject yourself to these kinds of attacks, and why hasn't your ISP done anything to mitigate them?

            My conclusion was not based on a home connection where hosting game servers.

            I am located in a prof. datacenter with DDoS protection from Arbor trough upstream provider. My pipe never gets exhausted, and i can resist any attack except low bandwidth SYN/TCP ACK flood.
            It just go trough the protection, the attack is too small. I know pfsense is not a mitigating box, for that i do have Arbor. but if it can't stop/drop/handle these small SYN flood unless you do some "dirty" tweaking and make 1 new TCP rule pr. rule… then it is not this worth. too much "noisy" and still not perfect.

            I am hosting several servers, webservers, exchange, etc. (customers) When you have public services then your network will be a victim of this type of attacks, soon or later.
            I will be watching PFsense releases in future, but at this moment there is too much negative to say, regarding new updates, SYN flood handling, crashes etc.

            PFsense team should make a feature to better handling SYN flood, like fortigate and 1287 other vendors, a policy with features for type of attack and a threshold. At this moment one have to make 1 new TCP rule along with existing rule, and make limitations in many fields... too much to administer and too much can go wrong.

            1 Reply Last reply Reply Quote 0
            • S
              Supermule Banned
              last edited by May 15, 2015, 9:38 AM

              Thats not whats happening.

              I will take you down, but you can helt in logging and whatever you can do in the other. Options I dohnt have since I know little of FreeBSD, but I know you are a contributor to a lot of things, so why not help out. Usually it takes 5-10 mins to get the captures needed to disect whats going on.

              Try to be positive :)

              @doktornotor:

              Enlist for what? PM me to get p0wn3d and I'll produce another YT video? Kidding, right…  ::) There are these FreeBSD mailing lists or https://www.freebsd.org/security/ if you think it's a security issue.

              1 Reply Last reply Reply Quote 0
              • T
                tim.mcmanus
                last edited by May 15, 2015, 11:15 AM

                @NOYB:

                @tim.mcmanus:

                What are you doing to subject yourself to these kinds of attacks, and why hasn't your ISP done anything to mitigate them?

                Really?  You expect a business to rely on ISP to protect against a low bandwidth attack such as this.  A business could be down for days before being able to get an ISP to take meaningful action.  Sure hope that it is not pfSense position that an ISP should protect a business from such a low bandwidth attack so their product doesn't have to.

                Yes, that's how it's usually managed.

                Stopping attacks that are taking down a piece of infrastructure are usually stopped further up the chain.  I can easily pick up the phone right now and get my ISP to stop a low bandwidth SYN if I asked them, and we would come up with a solution to protect me, their customer.  YMMV.

                @lowprofile:

                My conclusion was not based on a home connection where hosting game servers.

                I am located in a prof. datacenter with DDoS protection from Arbor trough upstream provider. My pipe never gets exhausted, and i can resist any attack except low bandwidth SYN/TCP ACK flood.

                I'm in Equinix NY4.  I can have any attack mitigated upstream with a 30-minute SLA; obviously depending on the type of attack, but I'm sure a SYN flood would easily be resolved within 30 minutes.

                Again, if you have a piece of infrastructure that has a vulnerability and you cannot mitigate it upstream, I would seriously question the security design of your network.

                1 Reply Last reply Reply Quote 0
                • L
                  lowprofile
                  last edited by May 15, 2015, 11:40 AM

                  @tim.mcmanus:

                  Again, if you have a piece of infrastructure that has a vulnerability and you cannot mitigate it upstream, I would seriously question the security design of your network.

                  … or a better solution, change the hardware. I dont want to call my ISP each and every time there is a small SYN flood. I expect my firewall to handle it, which is possible, just not with pfsense.
                  There is nothing wrong with the infrastructure design. I have been in touch with many hardcore network people, everyone was pointing to the firewall which i by purpose was not taking seriously. Now i do after testing it against other vendors.

                  When you are hosting hundreds of servers which is unmanaged (customers choice) then you need a proper firewall to handle this common attacks, it should be basic stuff in each firewall. Cisco, Juniper, Fortigate, Checkpoint, SonicWall, they all have this SYN protection which at the end is just a feature to control the flow and focused on UX.

                  With a SLA on 99.99% to my customers, i can't afford any downtime due to 10mbit SYN flood. Indeed i can call my upstream provider, but that is just not how you should handle it.

                  1 Reply Last reply Reply Quote 0
                  • H
                    Harvy66
                    last edited by May 15, 2015, 12:19 PM

                    @kejianshi:

                    I'm really seeing the logic in the point that others talked about, several times actually…

                    The end users firewall really isn't the place to stop or mitigate a DDOS.

                    I don't care what packets are coming in, 5Mb/s of packets is not an "attack", that's an aggressive port scan of your subnet or something. Other than states getting full up, anything less than 1Gb should not take down a modern high performance desktop/server CPU. Something is being incredibly wasteful by several orders of magnitude.

                    Let me put it in a car analogy. If I purchased a truck that claimed to be able to tow 2000 lbs, and I found it could not tow a 2000 lb block of water, would you blame the water and say "well, it's only meant to tow wood"? Packets are packets. New states do trigger a slow path, but it should not be that slow. Something is really really wrong. We're not talking about 2000 lbs of water and saying be careful of sloshing, it can effectively push you over your tow limit because of sloshing stress. We're talking about, saying "If you tow liquids, because of sloshing, you can only tow 16oz, but otherwise 2000 lbs for solid materials".

                    1 Reply Last reply Reply Quote 0
                    • S
                      Supermule Banned
                      last edited by May 15, 2015, 12:33 PM

                      Exactly and it takes pfSense offline immediately!

                      Which it shouldnt do if everything was working as it should.

                      1 Reply Last reply Reply Quote 0
                      • D
                        doktornotor Banned
                        last edited by May 15, 2015, 12:38 PM

                        Yeah, we are all doomed. @Supermule:

                        Exactly and it takes pfSense offline immediately!

                        1 Reply Last reply Reply Quote 0
                        • S
                          Supermule Banned
                          last edited by May 15, 2015, 12:41 PM

                          Be constructive Doktor!

                          This is an iinvitation to test with me. Then you can see and analyze yourself and help out.

                          And yes if this hits you then you are.

                          1 Reply Last reply Reply Quote 0
                          • T
                            tim.mcmanus
                            last edited by May 15, 2015, 1:37 PM

                            @lowprofile:

                            @tim.mcmanus:

                            Again, if you have a piece of infrastructure that has a vulnerability and you cannot mitigate it upstream, I would seriously question the security design of your network.

                            … or a better solution, change the hardware.

                            Change the architecture.

                            I have a Palo Alto on the border because I want a security appliance there, and then there's an F5 behind that, and of course pfSense next.  This is just a general, high level view; there's more than this.  I support customers in finance and life sciences.

                            If I cannot handle an attack with those security layers, I escalate to the ISP.

                            With my SMB customers I'm looking at the Mirkotek as a $40 "fix" to stop the SYN packets in front of their pfSense installations.  As I mentioned before, I might be inclined to test it out with Supermule to see if it is effective.

                            1 Reply Last reply Reply Quote 0
                            • S
                              Supermule Banned
                              last edited by May 15, 2015, 1:54 PM

                              I would be glad to help Tim :)

                              1 Reply Last reply Reply Quote 0
                              • M
                                maverick_slo
                                last edited by May 15, 2015, 2:01 PM

                                So I tested it with Supermule.
                                Well I have 3 links (40/100, 20/20, 20/20)

                                He took me down in 1 second with approx 3.09 Mbit traffic.
                                I have webserver behind this and all I see in that log is few lines of ACKs sent back and then silence.

                                He syn flooded me on one (1) line out of 3 and everything went down.

                                Very nice  >:(

                                1 Reply Last reply Reply Quote 0
                                • S
                                  Supermule Banned
                                  last edited by May 15, 2015, 2:04 PM

                                  So attack on one IP with 3.09mbit of traffic took down master AND slave as well despite not even running on that public IP??

                                  Correct?

                                  1 Reply Last reply Reply Quote 0
                                  • M
                                    maverick_slo
                                    last edited by May 15, 2015, 2:06 PM

                                    Yes, everything went down in less than 5 seconds.

                                    1 Reply Last reply Reply Quote 0
                                    • S
                                      Supermule Banned
                                      last edited by May 15, 2015, 2:09 PM

                                      You could be right on this one.

                                      @doktornotor:

                                      Yeah, we are all doomed. @Supermule:

                                      Exactly and it takes pfSense offline immediately!

                                      1 Reply Last reply Reply Quote 0
                                      • N
                                        Nullity
                                        last edited by May 15, 2015, 4:12 PM

                                        The kid in me wants more DDoS anecdotes.
                                        The adult in me wants more debugging.

                                        Do syncookies and/or syn-cache help any?

                                        I have a few days free. Send me the damn thing and I will read the FreeBSD handbook and solve what I can.

                                        Please correct any obvious misinformation in my posts.
                                        -Not a professional; an arrogant ignoramous.

                                        1 Reply Last reply Reply Quote 0
                                        • H
                                          heper
                                          last edited by May 15, 2015, 4:13 PM

                                          @supermule have you opened a bug report on redmine with some specifics & mailed the script/software/procedure to the devs ?
                                          i doubt we'll get this sorted without their assistance.

                                          also, someone (who knows freebsd) should try to replicate it on stock freebsd

                                          1 Reply Last reply Reply Quote 0
                                          • K
                                            kejianshi
                                            last edited by May 15, 2015, 4:16 PM

                                            SSDD….

                                            beating-a-dead-horse-.jpg_thumb
                                            beating-a-dead-horse-.jpg

                                            1 Reply Last reply Reply Quote 0
                                            • L
                                              lowprofile
                                              last edited by May 15, 2015, 4:37 PM

                                              @doktornotor:

                                              Yeah, we are all doomed. @Supermule:

                                              Exactly and it takes pfSense offline immediately!

                                              Yes you are. Never seen an active idiot like you on a forum. All your post (went through 100's, quite boring) are only negative, either you post google pics, "WTF", "NO", or "HELL"

                                              Be a man, do some test before putting out shit…

                                              1 Reply Last reply Reply Quote 0
                                              • D
                                                doktornotor Banned
                                                last edited by May 15, 2015, 4:47 PM

                                                @heper:

                                                @supermule have you opened a bug report on redmine with some specifics & mailed the script/software/procedure to the devs ? i doubt we'll get this sorted without their assistance.

                                                No, of course not. It's much better to start a 20page "PM me to get DoS-ed" thread.  ::)

                                                @lowprofile:

                                                Be a man, do some test before putting out shit…

                                                What'd be purpose of the test? To post here yet another "oh noes, pfS died, t3h suxxx"?

                                                1 Reply Last reply Reply Quote 0
                                                • K
                                                  kejianshi
                                                  last edited by May 15, 2015, 5:25 PM

                                                  I think the main point is there is no reason to scream fire in the same theater twice.

                                                  I'm sure whatever can be done will be done.

                                                  I'm just a casual bystander and for me the thread got boring already because I know the main pfsense guys and more than likely people inside BSD are on it by now.

                                                  The people who are continuing the thread already shed light on things but will not be the same people who resolve the issue.

                                                  So me personally…  I think its time already to let the coders do their magic and wait.

                                                  1 Reply Last reply Reply Quote 0
                                                  • H
                                                    Harvy66
                                                    last edited by May 15, 2015, 11:04 PM

                                                    Monthly updates for a long standing critical flaw would be nice. But I can appreciate busy programmers, been there, done that.

                                                    1 Reply Last reply Reply Quote 0
                                                    • T
                                                      torontob
                                                      last edited by May 16, 2015, 3:46 PM

                                                      This is either really grave and so incurable that no one wants to officially talk about it and report back to community or they haven't figured out what Supermule does to bring it down.

                                                      Either ways this is very concerning. It's funny how you see no signs of devs being cocky about this like other issues. I hope that means they are hard at work. Really, pfsense will be useless if this is what happens…

                                                      I think we all owe Supermule a BIG thank you! Anyone says anything else is trying to hide this serious issue.

                                                      If devs have nothing to say to what Supermule has established then this is probably a business decision to shoot down the free version. I wonder if previous versions - all the way back to 1.2.3 - are also effected y this (Supermule would you please test?). If they are not then this is most likely a business decision. If they are, then it's probably an inherent issue with FreeBSD that needs attention.

                                                      1 Reply Last reply Reply Quote 0
                                                      • T
                                                        tim.mcmanus
                                                        last edited by May 16, 2015, 3:51 PM

                                                        @torontob:

                                                        This is either really grave and so incurable that no one wants to officially talk about it and report back to community or they haven't figured out what Supermule does to bring it down.

                                                        Either ways this is very concerning. It's funny how you see no signs of devs being cocky about this like other issues. I hope that means they are hard at work. Really, pfsense will be useless if this is what happens…

                                                        I think we all owe Supermule a BIG thank you! Anyone says anything else is trying to hide this serious issue.

                                                        If devs have nothing to say to what Supermule has established then this is probably a business decision to shoot down the free version. I wonder if previous versions - all the way back to 1.2.3 - are also effected y this (Supermule would you please test?). If they are not then this is most likely a business decision. If they are, then it's probably an inherent issue with FreeBSD that needs attention.

                                                        FUD, pure ans simple.

                                                        Unfortunately, although an issue has been identified, the root cause has not.  Rather than fan the flames of "this sucks and so do the dev", what may I ask are you doing to determine the root cause?

                                                        pfSense is an open source community project.  It's unfortunate that apparently most of the community is made up of weaksauce, cheese-eating surrender monkeys.  Lots of whine with that cheese…

                                                        1 Reply Last reply Reply Quote 0
                                                        • D
                                                          doktornotor Banned
                                                          last edited by May 16, 2015, 4:07 PM

                                                          @tim.mcmanus:

                                                          what may I ask are you doing to determine the root cause?

                                                          Yeah. The whole point here is that NOTHING is done to fix this. So this Supermule guy has a new toy, and goes like this:

                                                          _> Hey, I've got these top secret scripts. PM me to get DoS-ed

                                                          OK, here's the IP
                                                          Haha, pfSense died in seconds, gotcha! Watch this YT video. How did it feel? Did it suck?
                                                          Yeah, pretty much._

                                                          This has been going on for about two months, with a bunch of crappy YT videos produced, nothing determined, and producing a completely useless thread with a bunch of ridiculous shit like the conspiracy stuff or suggestions to replace pf with the mighty Windows firewall.

                                                          Supermule, hand over the stuff to someone who has a clue => pfSense/FreeBSD devs. No offense, but you certainly do NOT have the know-how to determine the cause of the problem, let alone fix it. Enough of this crap already! Not entertaining, and a pure waste of time.

                                                          :( >:( >:(

                                                          1 Reply Last reply Reply Quote 0
                                                          • H
                                                            Harvy66
                                                            last edited by May 16, 2015, 5:50 PM

                                                            SuperMule gave a link to a 3rd-party DOS testing service that has this exact same attack. Sounds like a fairly standard attack to me if 3rd-part DOS testing services already have this attack. He has provided packet dumps that included all valid UDP or TCP packets, just from a range of source IPs and ports.

                                                            Sounds strait forward. PFSense copes well with a single IP address attacking, but blows up with many different IPs. Completely guess since I didn't bother to pay for the service to test out doing a DOS instead of DDOS of said attack.

                                                            1 Reply Last reply Reply Quote 0
                                                            • S
                                                              Supermule Banned
                                                              last edited by May 16, 2015, 6:02 PM May 16, 2015, 5:57 PM

                                                              The kind Doktor apparently didnt notice that….

                                                              A lot of scripts are emerging right now that has these capabilites built in. That makes pfsense compeletely useless for any that hosts public services if a 3mbit DDoS can bring it down and take slave and 3rd links down as well.

                                                              What do you consider it to be on a scale of 1-10 if EVERYBODY can be taken offline instantly by scripts that is everybodys for the taking in a not so distant future.

                                                              What would happen to the forum if one is pissed on some of the devs or fort that matter somebody else?

                                                              Take it offline as long as they like.... the netgate store and everything else related to ESF can be gone in seconds.

                                                              OPNSense responds better (35 seconds) before its taken offline. Pfsense takes 1-2 seconds.

                                                              Make up your own mind...

                                                              1 Reply Last reply Reply Quote 0
                                                              • D
                                                                doktornotor Banned
                                                                last edited by May 16, 2015, 6:54 PM May 16, 2015, 6:50 PM

                                                                @Supermule:

                                                                A lot of scripts are emerging right now that has these capabilites built in. That makes pfsense compeletely useless for any that hosts public services if a 3mbit DDoS can bring it down and take slave and 3rd links down as well.

                                                                Yeah, a lot of scripts may be emerging… no wonder when two months of time have been wasted with your PM to DOS and Youtube shit. Congrats.

                                                                @Supermule:

                                                                What do you consider it to be on a scale of 1-10 if EVERYBODY can be taken offline instantly by scripts that is everybodys for the taking in a not so distant future.

                                                                On a scale of 1-10 on how to handle issues in open-source code, you get 0 for acting like complete retard. Make up your own mind…

                                                                @Harvy66:

                                                                SuperMule gave a link to a 3rd-party DOS testing service that has this exact same attack.

                                                                Wonderful. Maybe he's getting some commission from them…  ::)

                                                                1 Reply Last reply Reply Quote 0
                                                                • N
                                                                  NOYB
                                                                  last edited by May 16, 2015, 7:59 PM

                                                                  The following is my opinion.

                                                                  I don't really see this thread as being squarely aimed at root causing the issue as much as one of bringing to light the issue to make the community and pfSense team aware of the issue.  Awareness has been accomplished.

                                                                  Very disappointed in the response (or seemingly lack of response) by the pfSense team to either acknowledge or refute this issue.  I would expect this from a fortune 500 company, but not from a grass roots originated, community contributed, effort like pfSense.  :o

                                                                  Really seems as though the pfSense team is not interested in engaging.  This to me is an indication that there really is an issue and that the issue is beyond what they are capable of dealing with due to a technical limitation within the product.  Or that there could be an unpalatable to the community agenda involved.  Whatever the case or reason may be the response thus far does not instil confidence in the product or ESF.  :(

                                                                  Since I do not use this product in a business environment the issue itself is not of much concern to me.  The pfSense team seemingly lack response and engagement though is very unpalatable.

                                                                  If I were using pfSense in a business environment I would be very concerned though that with such a small amount of traffic pfSense could be taken off-line by a disgruntled employee, dissatisfied customer, or an unscrupulous competitor.

                                                                  Regardless of one's philosophy of where such a low bandwidth "attack" should be mitigated.  No modern firewall should be susceptible to being knocked off-line by as little as a few megabits of traffic.  ::)  This would be totally unacceptable to me in a business environment.

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • S
                                                                    Supermule Banned
                                                                    last edited by May 16, 2015, 8:17 PM

                                                                    Its been 3+ months since this was forwarded to the devs by Lowprofile and me.

                                                                    There has been NOTHING other than scattered emails and one PM to me about pcaps from CMB and he could get it since its in this thread.

                                                                    I find that fact pretty scary since people buy commercial support and gold memberships to support the project.

                                                                    But when its really needed, everything went quiet and almost no responde other than accusations of me bringing down the forum.

                                                                    I would love to help out, but I am not a freebsd/linux guru and I cannot provide anything besides point out there is an issue, trying to enlighten people and show how it affects pfsense and other firewall distros.

                                                                    Thats why I ask for testers and help from people like Doktornotor since I know he is a dev. and all I get is shit from him.

                                                                    I have promised not to spread the script since as it is, it can take down any firewall running pfsense and other OS'.

                                                                    Its like having a dirty bomb and people asking for copies, than all hell breaks lose.

                                                                    What else can I do to draw attention to this and have a response to the issue?

                                                                    @NOYB:

                                                                    The following is my opinion.

                                                                    I don't really see this thread as being squarely aimed at root causing the issue as much as one of bringing to light the issue to make the community and pfSense team aware of the issue.  Awareness has been accomplished.

                                                                    Very disappointed in the response (or seemingly lack of response) by the pfSense team to either acknowledge or refute this issue.  I would expect this from a fortune 500 company, but not from a grass roots originated, community contributed, effort like pfSense.  :o

                                                                    Really seems as though the pfSense team is not interested in engaging.  This to me is an indication that there really is an issue and that the issue is beyond what they are capable of dealing with due to a technical limitation within the product.  Or that there could be an unpalatable to the community agenda involved.  Whatever the case or reason may be the response thus far does not instil confidence in the product or ESF.  :(

                                                                    Since I do not use this product in a business environment the issue itself is not of much concern to me.  The pfSense team seemingly lack response and engagement though is very unpalatable.

                                                                    If I were using pfSense in a business environment I would be very concerned though that with such a small amount of traffic pfSense could be taken off-line by a disgruntled employee, dissatisfied customer, or an unscrupulous competitor.

                                                                    Regardless of one's philosophy of where such a low bandwidth "attack" should be mitigated.  No modern firewall should be susceptible to being knocked off-line by as little as a few megabits of traffic.  ::)  This would be totally unacceptable to me in a business environment.

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • T
                                                                      torontob
                                                                      last edited by May 16, 2015, 11:53 PM

                                                                      @Supermule:

                                                                      Its been 3+ months since this was forwarded to the devs by Lowprofile and me.

                                                                      There has been NOTHING other than scattered emails and one PM to me about pcaps from CMB and he could get it since its in this thread.

                                                                      I find that fact pretty scary since people buy commercial support and gold memberships to support the project.

                                                                      But when its really needed, everything went quiet and almost no responde other than accusations of me bringing down the forum.

                                                                      I would love to help out, but I am not a freebsd/linux guru and I cannot provide anything besides point out there is an issue, trying to enlighten people and show how it affects pfsense and other firewall distros.

                                                                      Thats why I ask for testers and help from people like Doktornotor since I know he is a dev. and all I get is shit from him.

                                                                      I have promised not to spread the script since as it is, it can take down any firewall running pfsense and other OS'.

                                                                      Its like having a dirty bomb and people asking for copies, than all hell breaks lose.

                                                                      What else can I do to draw attention to this and have a response to the issue?

                                                                      Only time will tell what the devs agenda is on this. For all I know there is enough testing done here. It is up to us the users to decide whether we care or not now. The devs make their money different ways and have different priorities. The good doktor is trying to troll. He is useless so far himself. Supermule has produced results. What have you done? At least don't blame the guy. He can't spoon feed you many times over. If he releases this script to the forum, don't you think someone will pick the script and attack everyone? He already says he went to devs 3 months ago and scripts are available so I am not sure what your point is? Do you still not believe this happening or what? If you think this is fake then let us know how otherwise let the man get the attention needed. He said it repeatedly that devs are not responding and yet you go on ranting about how he should do more free work for you. STOP IT doktornotor - you are annoying and trolling. PM supermule if you have good intentions.

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • T
                                                                        torontob
                                                                        last edited by May 17, 2015, 12:32 AM

                                                                        @tim.mcmanus:

                                                                        @torontob:

                                                                        Supermule has produced results. What have you done? At least don't blame the guy. **With all due respect to Supermule, and I am actively working with him, he hasn't produced results.  He's provided a use case.  That use case triggers an adverse result.  That's what he's produced.  I will be working with him to narrow down if that is rooted in FreeBSD 10.1 or pfSense.  It'll take a few weeks for me to make infrastructure changes and build servers, but I think it'll narrow it down.

                                                                        I'm not here to defend Supermule, but I am absolutely here to work with him to put the effort into determining the root cause with the resources I have available to me.

                                                                        Isn't that how open source communities work?

                                                                        I understand Supermule's frustration because the devs on this forums are so cocky at times and jump at you the moment you talk about security or features. I have seen that first hand. I am just in the process of setting a test bed myself but if I see same results then I would know for sure that anyone who says otherwise is trolling or stalling what Supermule is trying to put out here. If he is a whistleblower then you should appreciate him regardless of whether he helps anymore or not.

                                                                        We, the users, do NOT code! but we give the devs the power to see all the download and usage statistics so YES we are directly contributing to make this product better by simply using it.

                                                                        Turn the thread into a progress report if you care - otherwise, I don't believe anything you say unless a new version comes that is not prone to the same attack.

                                                                        Pfsense is AWESOME! but if they turn this into a personal war against Supermule then it's really stupid of devs even if it is for buying time. He has raised his voice and has all the right to do so in whatever way he wants. This is an opensource project so suck it, fix it, and move on. No one is giving handouts here - everyone contributes!**

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • T
                                                                          torontob
                                                                          last edited by May 17, 2015, 2:03 AM

                                                                          I do not appreciate SM's disclosure.  No developer would.  However, I am trying to respond to it in a way that I can contribute.
                                                                          Users absolutely DO code.

                                                                          Most of users do NOT code! We contribute by download, test, and report. Devs make their money indirectly from this. Don't act superior to other users. The fact that you did coding or not has NO VALUE. You did it for your own personal gain regardless. One doesn't need a business major to understand this. This project exists because of it's user-base (Small or big). You are not important any more than any other user here. Don't flatter yourself!

                                                                          I do NOT understand why you make this about Supermule's character or method of disclosure while this is simply a really bad thing happening out there that has nothing to do with anything but the issue itself. Attack the problem, not the messenger. Are you pissed that he found it? I am certain he is not lying when he says Devs give him shit for reporting this. Once again, people like you are trying to change focus from what he is saying. And you are full of shit because if you saw no value in what Supermule found then you wouldn't be so angry here. If you don't believe this is serious then forget it and move on. If you do believe he is onto something and you still DO NOT APPRECIATE HIM then, …. (fill the dots yourself)

                                                                          And what the heck is a white hat? Who decides who is a white hat - you? LOL - No one trusts you when you take the high moral ground to everyone else! STOP ATTACKING HIS CHARECTER - this is stupid

                                                                          1 Reply Last reply Reply Quote 0
                                                                          • S
                                                                            Supermule Banned
                                                                            last edited by May 17, 2015, 6:39 AM

                                                                            Geesus guys!

                                                                            Take it easy. Just got up on a sunday and all this bickering is not good for the community.

                                                                            Lets get into solution mode and see if we can assist the dev's on this one since it seems to be pretty severe.

                                                                            Go grab a coffee and a donut :)

                                                                            I will read my PM's in the meantime with people wanting to help. Really appreciated guys!

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • D
                                                                              doktornotor Banned
                                                                              last edited by May 17, 2015, 7:21 AM

                                                                              1 Reply Last reply Reply Quote 0
                                                                              • T
                                                                                tim.mcmanus
                                                                                last edited by May 17, 2015, 2:37 PM

                                                                                My apologies.  The Jameson made Mr. Hyde come out.

                                                                                1 Reply Last reply Reply Quote 0
                                                                                • H
                                                                                  Harvy66
                                                                                  last edited by May 17, 2015, 3:15 PM May 17, 2015, 3:11 PM

                                                                                  @Supermule:

                                                                                  Geesus guys!

                                                                                  Take it easy. Just got up on a sunday and all this bickering is not good for the community.

                                                                                  Lets get into solution mode and see if we can assist the dev's on this one since it seems to be pretty severe.

                                                                                  Go grab a coffee and a donut :)

                                                                                  I will read my PM's in the meantime with people wanting to help. Really appreciated guys!

                                                                                  Coffee sounds really good. Still waiting to get a coffee grinder and a french press. I don't trust coffee filters unless stainless steel, and those are hard to find outside of a french press. I don't like to use paper filters because it seems like a such a waste of paper and many are treated with a range of chemicals, and plastic filters, well, food grade nylon is only rated for 165f before it starts leeching chemicals.

                                                                                  I drink my tea every morning, but I really want free leaf and a tea ball, so I can cut down on waste materials. Took a lot of reviews, but I found a tea that uses compress air to whiten their bags, instead of chemicals, their bags don't use staples only tied so less waste, and chemical analysis shows very low levels of lead and other heavy metals compared to other brands and well below safety limits, and virtually no pesticide residue.

                                                                                  We may be living long compared to people decades ago, but I take the stance that if everything you eat is technically safe, you're just going to get death by a thousand cuts. I don't just want "safe" levels just below the maximum, I want the best that can be done, with in reason.

                                                                                  There's my random weekend off-topic rant.

                                                                                  Next on the agenda, replacing mercury filled florescent lightbulbs with LED lights, but ones that don't have a strong blue spectrum that causes eye strain.

                                                                                  1 Reply Last reply Reply Quote 0
                                                                                  276 out of 737
                                                                                  • First post
                                                                                    Last post
                                                                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.

                                                                                  Looks like your connection to Netgate Forum was lost, please wait while we try to reconnect.