
Author Topic: Admin password changed itself. Twice. Yes it did.  (Read 4372 times)


Offline mhvmhv

  • Newbie
  • Posts: 8
  • Karma: +4/-6
Re: Admin password changed itself. Twice. Yes it did.
« Reply #45 on: January 24, 2018, 11:21:14 am »

Not missing much there - at least not in the pfsense sub ;)  It's better than the facebook pfsense stuff, but lots of WTF threads there all the time - hehehe

edit:  There was a comment to the OP's competence that gave me a nice chuckle..

I'm the OP.
I'm glad you had a chuckle at my expense. We all need to feel that "Thank God it wasn't me this time" feeling once in a while. I made a fool of myself in this instance, and yes I was under pressure to find an inexpensive solution, quickly, for a customer without the budget for an enterprise-class Cisco firewall. I'm pretty comfortable with my competence, as specialized in the Cisco realm as it may be. I guess I just got used to dealing with a reputable vendor.

I'm totally comfortable with the idea that my mistake has spawned an important and wide-ranging discussion of the issue, of this particular vendor, and of the direction the discussion has gone.

As I said, I have a well-developed sense of humility. If my very public faceplant serves as a lesson to others, well, teaching is what I do best.

Offline Knyte

  • Jr. Member
  • Posts: 72
  • Karma: +1/-0
Re: Admin password changed itself. Twice. Yes it did.
« Reply #46 on: January 24, 2018, 11:28:10 am »
I'm the OP.

Hey, live and learn.  There are a tremendous number of variables in this industry.  Stuff happens.  As mentioned, you are not the only one to have blown $ on crap gear!

I hope you get some answers about that firewall and what traffic it might be generating.
« Last Edit: January 25, 2018, 10:36:40 am by Knyte »
--------------------------------------------------
2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6
VM in ESXi 5.5
1 x 100baseTX (WAN)
2 x 1000baseTX (LAN / Public Wifi)

Offline johnpoz

  • Hero Member
  • Posts: 15094
  • Karma: +1408/-206
  • Not a pfSense employee, they cannot fire me...
Re: Admin password changed itself. Twice. Yes it did.
« Reply #47 on: January 24, 2018, 12:51:58 pm »
@mhvmhv

Don't take my comment about the comments on reddit thread the wrong way..  I was just commenting on the flavor of the comments over there.. They were not my comments..

In the big picture this thread and reddit's thread might draw some much needed attention to the crap that is out there, etc.  And hopefully people that were not aware of how some not so nice people try and profit off of pfsense's good name, etc.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline realtec

  • Newbie
  • Posts: 3
  • Karma: +0/-1
Re: Admin password changed itself. Twice. Yes it did.
« Reply #48 on: January 25, 2018, 05:02:22 am »
Any merit in locking an email address to a MAC address of a box or a box ID? Even for CE users. Obviously, those email addresses would be verified. Until verified and tied to an account of some sort the firewall can't be configured etc. 3rd party suppliers would soon get sick of having to register an email, sending a verification, registering the ID or MAC address. Users such as ourselves wouldn't mind - we could use an admin email of the company we are installing pfSense for - tied to the MAC or ID of the box. If the box gets changed then we would need to re-verify. Probs wouldn't take too long to sort.

Offline ecfx

  • Full Member
  • Posts: 227
  • Karma: +31/-14
Re: Admin password changed itself. Twice. Yes it did.
« Reply #49 on: January 25, 2018, 06:50:23 am »
If this is the topic with justification to stop the "open-source pfSense" then just do it, it fits like a glove, maybe other projects will fill the gap.

One new user with "20 years certified experience IT" registered in the same day it is opening this thread about his 0 experience configuring his first pfSense firewall from a shady source, in the same time he is very keen to buy another few pfsense this time from certified source... :-[

Some people smoke too much and look where this topic is going... next you can't configure on site an open source firewall without subscriptions, valid license, emails registered... wtf ?

In the time put a damn banner on the site & forum with warning for all IT experts and then hire another marketing director for business.

john..., doc... god help us please !

Offline ivor

  • Administrator
  • Hero Member
  • Posts: 723
  • Karma: +152/-135
    • Netgate
Re: Admin password changed itself. Twice. Yes it did.
« Reply #50 on: January 25, 2018, 08:07:14 am »
Please leave drama and speculation out of this forum.
If this is the topic with justification to stop the "open-source pfSense" then just do it, it fits like a glove, maybe other projects will fill the gap.

As said numerous other times, pfSense is and will remain open source. Please do not speculate or take things out of context.

One new user with "20 years certified experience IT" registered in the same day it is opening this thread about his 0 experience configuring his first pfSense firewall from a shady source, in the same time he is very keen to buy another few pfsense this time from certified source... :-[

Are you implying that it did not happen or that OP is associated with us? That's very easy to check. But first, don't be rude and condescending to OP. Not everyone knows about pfSense and that's fine. OP was very honest so no need for attacks just because he's new with pfSense.

Some people smoke too much and look where this topic is going... next you can't configure on site an open source firewall without subscriptions, valid license, emails registered... wtf ?

In the time put a damn banner on the site & forum with warning for all IT experts and then hire another marketing director for business.

john..., doc... god help us please !

Noted, but I would suggest you improve your attitude and stop with the speculation. Stay on topic.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline mudmanc4

  • Full Member
  • Posts: 107
  • Karma: +16/-2
  • Thou Shall Not ~kill -9 -1
    • Lime/IT
Re: Admin password changed itself. Twice. Yes it did.
« Reply #51 on: January 25, 2018, 08:44:53 am »
The writing has been on the wall for quite some time. Granted changes need to be made to protect trust in the brand. As intuition and observations explain they are and have been in the flow for just as long as assumptions. How those changes blossom will permanently define pfSense / Netgate, as I imagine the inner circle has the vision of end result.

I would also imagine 'the team' is well aware this is not by far the first organization to get to this point. As well, the mistakes others (list hundreds of open source companies here) may have made in the best interests of the purpose behind such long term development, and why it has been defined as the go to for not only learning experience, but faith and trust in the software / brand itself.

Where {mistake; dis-enfranchising end users} or free/open source pitting against said companies foothold within enterprise funding environment(s) or lack thereof.

No need to list everything that has failed along these lines with so many organizations, anymore than to toss caution to the wind and close latest production repos to anyone without subscription, this is much larger than that.

The simple fact is, there are no alternatives to what we are utilizing here to maintain / protect and facilitate our networks in the depth and fullness we get from pfSense, it simply does not exist. Within its current scope of use.

'WE' the community at this point must do the policing, after all, this gift of many facets we have been permitted has not been without many years of strategy and misadventures and struggles untold along the way.

It only stands to reason, if 'we' expect to continue to be a part of free and open source entities and benefit from them, we must give back in some way. No? It's time to protect what we use to protect us.

A couple of simple ways this can be done would be to call it out when we see it.

A better way would be to go looking for it. Instead of taking those 15 minutes to go read /r/whateverhere and laugh or /getyourrocksoff how about taking even half that time and search for it. Scammers liars and thieves can hide.

Go search for what you may already have, find who is dealing it, see something against policy, attack it with the proper means, expose it.

Take two minutes when you see something verifiably incorrect such as this thread points out, post it's a scam on whatever media you use, (what I mean here is groupthink is trash, get the issue out in the wild, no sense preaching to the choir, we already know, not to say don't post it when you see it here) sure, the scammer will run and hide, but the purpose is to build question in the minds of the people, once an interested (in pfSense) person has been enlightened even in the slightest fashion, they will look further and see the scam. And in turn find the real deal.

Yes, it's a form of social engineering. For no other purpose than to protect our fellow enthusiast and the brand we ourselves trust daily.




« Last Edit: January 25, 2018, 08:48:11 am by mudmanc4 »

Offline w0w

  • Sr. Member
  • Posts: 568
  • Karma: +35/-7
  • kernel panic attack
Re: Admin password changed itself. Twice. Yes it did.
« Reply #52 on: January 25, 2018, 02:35:36 pm »
I don't really think that there is something compromised in pfSense on that non official piece of hardware, I do think it's just broken, corrupted or whatever else. If you feel your copyrights are violated, go to court, this is the right way. If you want to stop distribution of free version of pfSense for any reason, just stop it and see what happens, but I don't think this really can help you stop those sellers to pre install and sell anything they will call pfSense even if it's not.

Offline Patrick_

  • Full Member
  • Posts: 175
  • Karma: +1/-0
    • LiquidObject
Re: Admin password changed itself. Twice. Yes it did.
« Reply #53 on: January 25, 2018, 07:47:43 pm »
Imo if you're stuck with the hardware, wipe the drive (make sure all partitions are wiped) and do a fresh install. In theory the config backup "should" be ok, but since someone is already known to jack with the OS install... I'd just take some screenshots of your config and build it up from scratch. If you're suspicious of any BIOS-level modifications after a fresh install, leave it in a corner powered on with the auto-updating disabled and start sniffing its WAN port for a week. As others have mentioned, Netgate hardware is there and works well (beyond being clean).

FWIW, Netgate does sell some offerings on Amazon (a suggestion for Netgate, you may want to add the higher end models there...even if at an adjusted price level to cover the Amazon "tax" so the sales page can provide some detail around the licensing and how some 3rd party sellers are doing shady things).

As someone who has been using x86 builds of pfSense for almost 13 years (now I feel old) the ARM solutions were originally designed for cost and power considerations. They scale much better than before but in larger deployments the x86 (now x64) builds scale better (Netgate does offer both of these as well as support offerings if you need it).

..But when will the community learn that hardware sales are what pays for the engineering time and talent, the testing, the documentation, and the infrastructure (on-line and offline) that goes into making pfSense software available to them?

Historically this wasn't the case, as time has evolved this has become the case. For a product that was originally designed as a fork of mono with a much better interface and a more modern underlying kernel (FreeBSD 4.x driver support was horrible) it was never originally a commercial offering. This came later initially with stickers, hats, shirts, etc. and expanded from there to where it is today. Netgate has always provided a decent value add for businesses who needed active support contracts and an off the shelf solution (IMO).
--------------------------------------------------------------------------------------
pfSense Documentation Wiki
Need Commercial Support?
Personal Blog
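
One way to review the week-long WAN capture suggested in the post above; this is an added example, not code from any poster or from pfSense. It assumes the capture was dumped as text with `tcpdump -nn -tt`, and the WAN address, the DNS/NTP baseline and every sample line are constructed placeholders.

```python
import re
from collections import Counter

# IPv4 lines from `tcpdump -nn -tt`; the ".port" suffix is absent for ICMP etc.
LINE = re.compile(r"^\S+ IP (\d+(?:\.\d+){3})(?:\.(\d+))? > "
                  r"(\d+(?:\.\d+){3})(?:\.(\d+))?: (.*)$")

WAN_IP = "203.0.113.10"                 # assumed WAN address (documentation range)
EXPECTED = {("udp", 53), ("udp", 123)}  # assumed baseline: DNS and NTP only

# Constructed sample capture, not taken from any real device.
SAMPLE = """\
1516900000.100000 IP 203.0.113.10.123 > 192.0.2.5.123: NTPv4, Client, length 48
1516900000.200000 IP 192.0.2.5.123 > 203.0.113.10.123: NTPv4, Server, length 48
1516900060.000000 IP 203.0.113.10.40112 > 192.0.2.53.53: 4660+ A? pool.ntp.org. (30)
1516903600.000000 IP 203.0.113.10.51234 > 198.51.100.77.8443: Flags [S], seq 1, win 65535, length 0
1516903600.050000 IP 198.51.100.77.8443 > 203.0.113.10.51234: Flags [S.], seq 9, ack 2, win 65535, length 0
1516903600.060000 IP 203.0.113.10.51234 > 198.51.100.77.8443: Flags [.], ack 10, win 65535, length 0
1516907200.000000 IP 203.0.113.10.51300 > 198.51.100.77.8443: Flags [S], seq 5, win 65535, length 0
1516907300.000000 ARP, Request who-has 203.0.113.1 tell 203.0.113.10, length 28
"""

def outbound_flows(lines, wan_ip):
    """Count traffic the box itself originates: (dst_ip, proto, dst_port) -> packets."""
    flows = Counter()
    for line in lines:
        m = LINE.match(line.strip())
        if not m or m.group(1) != wan_ip:
            continue  # not IPv4, unparsable, or not sourced from the box
        dst, dport, rest = m.group(3), m.group(4), m.group(5)
        if rest.startswith("Flags ["):
            if not rest.startswith("Flags [S]"):
                continue  # TCP: count connection attempts only (SYN without ACK)
            proto = "tcp"
        else:
            proto = "udp" if dport else "other"  # heuristic: no port means ICMP etc.
        flows[(dst, proto, int(dport) if dport else None)] += 1
    return flows

def unexpected(flows, expected):
    """Flows whose (proto, dst_port) is outside the baseline, busiest first."""
    odd = {k: n for k, n in flows.items() if (k[1], k[2]) not in expected}
    return sorted(odd.items(), key=lambda kv: -kv[1])

if __name__ == "__main__":
    found = unexpected(outbound_flows(SAMPLE.splitlines(), WAN_IP), EXPECTED)
    for (dst, proto, port), n in found:
        print(f"{n:4d}  {proto} -> {dst}:{port}")
```

With nothing plugged into the LAN side and auto-updating disabled, anything this reports is traffic the firewall started on its own and is worth tracing to a process or package.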

Offline ecfx

  • Full Member
  • Posts: 227
  • Karma: +31/-14

Offline Blade Runner

  • Jr. Member
  • Posts: 59
  • Karma: +3/-4
Re: Admin password changed itself. Twice. Yes it did.
« Reply #55 on: January 27, 2018, 03:59:59 pm »
I am just absolutely disgusted by what I have found here:
http://www.wipo.int/amc/en/domains/search/text.jsp?case=D2017-1828
http://web.archive.org/web/20160314132836/http://www.opnsense.com/

no comment.  :-X
I don't care about legalese. The trailer was LOL, RELEASE THE FILM. Make Movies Great Again!
Do not be afraid to fail.