ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Bad one: SonicWALL Remote Management Vulnerability

    Scheduled Pinned Locked Moved IT Discussion
    17 Posts 7 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • notverypunnyN
      notverypunny @DustinB3403
      last edited by

      @DustinB3403 said in Bad one: SonicWALL Remote Management Vulnerability:

      @wrx7m said in Bad one: SonicWALL Remote Management Vulnerability:

      WTF? People NAT their iDracs?

      Some people...

      Probably the same people that put ketchup on a perfectly good steak..... psychopaths the whole lot of them

      1 Reply Last reply Reply Quote 3
      • iroalI
        iroal
        last edited by iroal

        4 years ago I changed SonicWall for Pfsense.

        One of the best changes I've ever done.

        scottalanmillerS 1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller @iroal
          last edited by

          @iroal said in Bad one: SonicWALL Remote Management Vulnerability:

          4 years ago I changed SonicWall for Pfsense.

          One of the best changes I've ever done.

          We've been replacing pfSenses with UBNT, also a nice move 🙂

          iroalI 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @wrx7m
            last edited by

            @wrx7m said in Bad one: SonicWALL Remote Management Vulnerability:

            WTF? People NAT their iDracs?

            As opposed to what? Having a disconnected management LAN and only jump boxes to get to them?

            notverypunnyN 1 Reply Last reply Reply Quote 0
            • notverypunnyN
              notverypunny @scottalanmiller
              last edited by

              @scottalanmiller said in Bad one: SonicWALL Remote Management Vulnerability:

              @wrx7m said in Bad one: SonicWALL Remote Management Vulnerability:

              WTF? People NAT their iDracs?

              As opposed to what? Having a disconnected management LAN and only jump boxes to get to them?

              I think he was referring to inbound NAT / port forwarding from the internet as opposed to LAN only access

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @notverypunny
                last edited by

                @notverypunny said in Bad one: SonicWALL Remote Management Vulnerability:

                @scottalanmiller said in Bad one: SonicWALL Remote Management Vulnerability:

                @wrx7m said in Bad one: SonicWALL Remote Management Vulnerability:

                WTF? People NAT their iDracs?

                As opposed to what? Having a disconnected management LAN and only jump boxes to get to them?

                I think he was referring to inbound NAT / port forwarding from the internet as opposed to LAN only access

                Oh, yeah PORT FORWARDING to an iDRAC would be pretty "not recommended." But behind a NAT firewall would just allow them to reach out and update, and no one to reach in by default.

                1 Reply Last reply Reply Quote 0
                • iroalI
                  iroal @scottalanmiller
                  last edited by

                  @scottalanmiller said in Bad one: SonicWALL Remote Management Vulnerability:

                  UBNT

                  For what reason? Are there any problem with Pfsense ?

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @iroal
                    last edited by

                    @iroal said in Bad one: SonicWALL Remote Management Vulnerability:

                    @scottalanmiller said in Bad one: SonicWALL Remote Management Vulnerability:

                    UBNT

                    For what reason? Are there any problem with Pfsense ?

                    Not problems, pfSense is a good product. The biggest "problem" is the lack of vertical integration with hardware. With the UBNT we get software custom made for the specific hardware, and support. So we don't have to do our own installs, and don't need random third party software. It's one, inclusive package that is well known and tested both in the field and by the vendor. pfSense is software only and as a software firewall would be at the top of my list. But we deploy hardware and the benefits are the lower cost, better supported hardware with massive supply chain are pretty impossible to beat.

                    And the central monitoring features of UBNT carry a lot of value. We get centralized visibility.

                    iroalI 1 Reply Last reply Reply Quote 1
                    • iroalI
                      iroal @scottalanmiller
                      last edited by

                      @scottalanmiller

                      @scottalanmiller said in Bad one: SonicWALL Remote Management Vulnerability:

                      @iroal said in Bad one: SonicWALL Remote Management Vulnerability:

                      @scottalanmiller said in Bad one: SonicWALL Remote Management Vulnerability:

                      UBNT

                      For what reason? Are there any problem with Pfsense ?

                      Not problems, pfSense is a good product. The biggest "problem" is the lack of vertical integration with hardware. With the UBNT we get software custom made for the specific hardware, and support. So we don't have to do our own installs, and don't need random third party software. It's one, inclusive package that is well known and tested both in the field and by the vendor. pfSense is software only and as a software firewall would be at the top of my list. But we deploy hardware and the benefits are the lower cost, better supported hardware with massive supply chain are pretty impossible to beat.

                      And the central monitoring features of UBNT carry a lot of value. We get centralized visibility.

                      Thanks for your opinion, I always learn of them.

                      1 Reply Last reply Reply Quote 1
                      • dafyreD
                        dafyre
                        last edited by

                        PFSense has a newer fork now as well, known as OPNSense (https://opnsense.org/)

                        More modern UI and such, decent packages available if you need extra stuff, but as far as routing and a firewall, it's pretty excellent!

                        scottalanmillerS 1 Reply Last reply Reply Quote 2
                        • scottalanmillerS
                          scottalanmiller @dafyre
                          last edited by

                          @dafyre said in Bad one: SonicWALL Remote Management Vulnerability:

                          PFSense has a newer fork now as well, known as OPNSense (https://opnsense.org/)

                          More modern UI and such, decent packages available if you need extra stuff, but as far as routing and a firewall, it's pretty excellent!

                          Both have a third party UTM add on option, too.

                          1 Reply Last reply Reply Quote 0
                          • 1 / 1
                          • First post
                            Last post