Search found 457 matches
- May 19th, 2017, 12:56 pm
- Forum: IPFire in General
- Topic: Brief report on IPFire by SANS ISC
- Replies: 1
- Views: 844
Brief report on IPFire by SANS ISC
Hello all, just saw that someone at the SANS ISC wrote a brief report on IPFire. It concludes that the firewall distribution is suitable for home use. https://dshield.org/forums/diary/IPFire+A+Household+Multipurpose+Security+Gateway/22254/ Just thought someone might want to know... Maybe we can set ...
- April 13th, 2017, 8:18 am
- Forum: IPFire in General
- Topic: Firewall Default Zone RuleSet
- Replies: 5
- Views: 2134
Re: Firewall Default Zone RuleSet
Hello,
whoof, is IPFire able to handle VLANs at all?
Since I have absolutely no experience with this (we use physical isolated networks in my company), I'm afraid I cannot help.
Best regards,
Timmothy Wilson
whoof, is IPFire able to handle VLANs at all?

Since I have absolutely no experience with this (we use physical isolated networks in my company), I'm afraid I cannot help.
Best regards,
Timmothy Wilson
- April 13th, 2017, 8:16 am
- Forum: Konfiguration
- Topic: [GELÖST] "local recursor" lässt sich nur durch manuelle Eingabe von google-DNS beheben
- Replies: 21
- Views: 5972
Re: "local recursor" lässt sich nur durch manuelle Eingabe von google-DNS beheben
Hallo, soweit ich das überblicke, haben verschiedene Leute seit der Umstellung auf "unbound" Probleme mit dem DNS. Wenn es geht, würde ich das nächste Release abwarten, da hat sich m.E. ein bisschen was getan. Erfahrungen mit RED an DHCP habe ich leider (?) gar keine, hier sollte man mal nen Bugrepo...
- April 13th, 2017, 8:10 am
- Forum: Addons allgemein
- Topic: IDS Problem CPU Auslastung [Core 108]
- Replies: 11
- Views: 4291
Re: IDS Problem CPU Auslastung [Core 108]
Hallo, bei mir haben irgendwann mal die "bottcc-portgrouped"-Regeln für Probleme gesorgt. Allerdings läuft die Einbruchsdetektierung auf ARM-Boards sowieso mehr schlecht als recht, insofern weiß ich nicht, wie aussagekräftig das ist. Falls es was nützt, kann ich noch die Seite empfehlen: http://doc....
- April 13th, 2017, 8:07 am
- Forum: IPFire in General
- Topic: nsupdate.info issue with Core 109
- Replies: 5
- Views: 1939
Re: nsupdate.info issue with Core 109
Hello, as far as I'm concerned, there is no management console. The DynDNS free plan just offers a free A/AAAA-record (IPv4/IPv6), so there is no need for it. Updates are performed via a Web-API. Management operations such as "disable account" or "change mail address" would be nice, however, it seem...
- February 28th, 2017, 7:10 pm
- Forum: Addons
- Topic: GUARDIAN : Block internet IP when snort rule is triggered by outbound rule
- Replies: 3
- Views: 2292
Re: GUARDIAN : Block internet IP when snort rule is triggered by outbound rule
Hello Vincent, you're right, sorry for the misunderstanding. I have exactly the same question (and don't know a solution to it), perhaps it might be a good idea to file a bug report about this. The IP address 208.91.196.46 seems to be a very well known one: https://cymon.io/208.91.196.46 It is locat...
- February 28th, 2017, 4:13 pm
- Forum: IPFire in General
- Topic: nsupdate.info issue with Core 109
- Replies: 5
- Views: 1939
Re: nsupdate.info issue with Core 109
You're welcome.
In the wiki page for the DynDNS provider settings, I added a note about problems with nsupdate.info. Hopefully this might help other users, too.
Best regards,
Timmothy Wilson
In the wiki page for the DynDNS provider settings, I added a note about problems with nsupdate.info. Hopefully this might help other users, too.
Best regards,
Timmothy Wilson
- February 28th, 2017, 4:12 pm
- Forum: Addons allgemein
- Topic: IDS Problem CPU Auslastung [Core 108]
- Replies: 11
- Views: 4291
Re: IDS Problem CPU Auslastung [Core 108]
Hallo iSit, dann konzentrieren wir uns doch mal auf Green. (1) In deinem ersten Post schriebst du "manchmal". Geht das ein bisschen genauer? Kannst du die hohe Last provozieren, z.B. indem du auf den Clients Updates einspielst? (2) Was machen die Clients eigentlich? (Netzwerkverkehr, Anwendungen, et...
- February 28th, 2017, 10:52 am
- Forum: Konfiguration
- Topic: Snort GUI
- Replies: 1
- Views: 1035
Re: Snort GUI
Hallo, sorry für die späte Antwort. Ich verstehe deine Frage nicht ganz. Soweit ich weiß, gibt es im WebIF eine Seite für das Einrichten von Snort (eine mäßige bis saumäßige Doku findest du hier: http://wiki.ipfire.org/en/configuration/services/ids ). Seit dem Versionssprung auf 2.0 ist die Konfigur...
- February 28th, 2017, 10:42 am
- Forum: Addons allgemein
- Topic: IDS Problem CPU Auslastung [Core 108]
- Replies: 11
- Views: 4291
Re: IDS Problem CPU Auslastung [Core 108]
Hallo, hm, so eine Lastspitze kann an vielem liegen. Wenn snort beispielsweise gerade mit Attacken aus dem Internet zu kämpfen hat, nützt es wenig, wenn die paar Geräte in BLUE/GREEN offline gegangen sind. Sind die IDS-Regeln aktuell? Manchmal schleichen sich da beim Entwicklungsprozess Fehler ein. ...
- February 28th, 2017, 10:40 am
- Forum: Addons
- Topic: Guardian ban - permanent
- Replies: 7
- Views: 3087
Re: Guardian ban - permanent
Hello, how many IP addresses do you want to block permanently? Which ones are they? One solution might be: (a) Set up a new host group containing all the IP addresses you want to block. (b) Create a new firewall rule with Source = The group you created in the first step, Destination = Any, Protocol ...
- February 28th, 2017, 10:35 am
- Forum: IPFire in General
- Topic: Update 109 process
- Replies: 7
- Views: 2309
Re: Update 109 process
Hello H&M,
sometimes the IPFire mirrors need a day or so until they have synched their files with the main download site. If it does not work, just try it a few hours or a day later.
The list of mirrors, by the way, is available here: http://mirrors.ipfire.org/
Best regards,
Timmothy Wilson
sometimes the IPFire mirrors need a day or so until they have synched their files with the main download site. If it does not work, just try it a few hours or a day later.
The list of mirrors, by the way, is available here: http://mirrors.ipfire.org/
Best regards,
Timmothy Wilson
- February 28th, 2017, 10:30 am
- Forum: Konfiguration
- Topic: [GELÖST] "local recursor" lässt sich nur durch manuelle Eingabe von google-DNS beheben
- Replies: 21
- Views: 5972
Re: "local recursor" lässt sich nur durch manuelle Eingabe von google-DNS beheben
Hallo zusammen, Die Server vom CCC kommen und gehen ziemlich häufig daher sind die eher nicht zu gebrauchen... das kann ich hier zumindest für die IP 194.150.168.168 nicht bestätigen, der funktioniert einwandfrei, und das schon seit zwei Jahren. Auf dem Git-Server findet sich aber ein interessanter ...
- February 28th, 2017, 10:22 am
- Forum: IPFire in General
- Topic: Firewall Default Zone RuleSet
- Replies: 5
- Views: 2134
Re: Firewall Default Zone RuleSet
Hello, sorry for the late reply. :) Changing the "firewall default policy" as described in the Wiki ( http://wiki.ipfire.org/en/configuration/firewall/default-policy ) is basically possible. For example, if you want to allow network traffic from Blue to Green, set up a new firewall rule: Source: BLU...
- February 28th, 2017, 10:12 am
- Forum: IPFire in General
- Topic: nsupdate.info issue with Core 109
- Replies: 5
- Views: 1939
Re: nsupdate.info issue with Core 109
Hello Roberto, the issue you described seems to be independent from the Core Update level, since it occurred to me several times with Core 100 and 103. The provider, nsupdate.info, requires its customers not to send updates if the IP address hasn't changed. Unfortunaly, the DynDNS updating program s...