Search found 375 matches

by dnl
January 26th, 2018, 8:08 am
Forum: Installation
Topic: Unable to Install the system - 2.19 Core 117 [SOLVED]
Replies: 4
Views: 1458

Re: Unable to Install the system - 2.19 Core 117 [SOLVED]

When I have a chance I'll update the https://wiki.ipfire.org/installation/wr ... lash-image wiki page to add instructions to check md5 checksum (mount the IPFire USB and check it with `md5sum -c md5sum.txt`.
by dnl
January 26th, 2018, 6:12 am
Forum: Installation
Topic: Unable to Install the system - 2.19 Core 117 [SOLVED]
Replies: 4
Views: 1458

Re: Unable to Install the system - 2.19 Core 117

I was able to resolve this - corrupt install media. I ran a memtest from the ipfire installer but after some minutes it froze. This seemed suspicious so I made a Fedora bootable USB stick and tried memtest from that. It passed. I then installed Fedora, which also worked. I checked the md5 sums on th...
by dnl
January 26th, 2018, 4:14 am
Forum: Installation
Topic: Unable to Install the system - 2.19 Core 117 [SOLVED]
Replies: 4
Views: 1458

Unable to Install the system - 2.19 Core 117 [SOLVED]

I read Michael's blog "Meltdown/Spectre - The chaotic story" and though I really should rebuild on a 64-bit system. I had an older AMD based system spare and tried installing IPFire today, but installation keeps failing with the really unhelpful error message "Unable to Install the system". I switch...
by dnl
January 21st, 2018, 5:49 am
Forum: IPFire in General
Topic: How to Force clients to use IPFire's DNS
Replies: 24
Views: 5544

Re: How to Force clients to use IPFire's DNS

Good idea. Done!
by dnl
January 20th, 2018, 10:24 pm
Forum: IPFire in General
Topic: How to Force clients to use IPFire's DNS
Replies: 24
Views: 5544

Re: How to Force clients to use IPFire's DNS

FischerM wrote:
January 20th, 2018, 12:33 pm
Just to clarify - I did it exactly as you described.
Sorry! I must have misunderstood you.
by dnl
January 20th, 2018, 10:25 am
Forum: IPFire in General
Topic: How to Force clients to use IPFire's DNS
Replies: 24
Views: 5544

Re: How to Force clients to use IPFire's DNS

So what do you think? Is this the right answer below? 1. Set IPFires DNS to OpenDNS IPs in the GUI: Network, Assign DNS-Server and also in the Setup: Network, Assign DNS-Servers. 2. Create firewall rules to block all port 53 from the Green to the RED since IPFire is handling DNS now with OpenDNS. I...
by dnl
January 18th, 2018, 11:20 am
Forum: Development
Topic: When will IPFire update to a secure kernel?
Replies: 6
Views: 2866

Re: When will IPFire update to a secure kernel?

This post wasn't intended to address Meltdown/Spectre, but the age of the kernel version in IPFire. However, as we are talking about it, you might like to quickly read this Ars Technica article The impromptu Slack war room where ‘Net companies unite to fight Spectre-Meltdown The early disclosure of ...
by dnl
January 17th, 2018, 8:20 am
Forum: Development
Topic: When will IPFire update to a secure kernel?
Replies: 6
Views: 2866

Re: When will IPFire update to a secure kernel?

Thank you Michael and Arne for your replies. I did read your blog post Michael, but suspect ava1ar missed it as he replied after you posted it. I'm also very disappointed with Intel over this. Some vulnerabilities have been around since 1995!! Despite IPFire being the "distribution supporting us" I ...
by dnl
January 7th, 2018, 3:13 am
Forum: IPFire in General
Topic: Meltdown & Spectre patches ?
Replies: 9
Views: 3293

Re: Meltdown & Spectre patches ?

FischerM wrote:
January 6th, 2018, 8:15 pm
Hi,

You'll have to pay for these:
http://blog.snort.org/ wrote:Friday, January 5, 2018
...
Snort Subscriber Rule Set Update for 01/04/2018, Release #2, Intel Vulnerabilities
...
And automate snort updates yourself, as IPFire sadly still doesn't do it. See all of Snort Rules Update thread.
by dnl
January 7th, 2018, 3:11 am
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 28235

Re: Snort Rules Update

So how do we get this as a package? A developed and managed addon? Is there a way to fund this? Or do we wait for the Suricata integration which is planed for IPFire-3.x? Hopefully Suricata will have an automatic update feature! Normally the way to fund something, if like me you can't write it your...
by dnl
January 7th, 2018, 2:17 am
Forum: Development
Topic: When will IPFire update to a secure kernel?
Replies: 6
Views: 2866

When will IPFire update to a secure kernel?

Hello, I know the core developers pay attention to the security of core components of IPFire and I really appreciate it about this software. However we've been stuck on a version 3 kernel for a long time now. Was this because they've wanted to keep the grsecurity patches for as long as possible? Any...
by dnl
January 2nd, 2018, 4:19 am
Forum: IPFire in General
Topic: How to Force clients to use IPFire's DNS
Replies: 24
Views: 5544

Re: How to Force clients to use IPFire's DNS proxy

Do you believe that DNS redirection is still working? Right now, I'm using the second rule ( 2. Block all DNS traffic except through IPFire's DNS proxy ) on GREEN and BLUE. They look exactly like yours - without the source port . DNS is working. HTH, Matthias EDIT: One more difference: I'm not drop...
by dnl
January 1st, 2018, 10:33 am
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 28235

Re: Snort Rules Update

I wish this would become a package available in IPFire. How can we help make this happen? I still cant believe after all this time we still have to manually update Snort. When I was notified of your reply to this thread, I re-read it all. Is very disappointing that this basic requirement of the IDS...
by dnl
January 1st, 2018, 10:26 am
Forum: IPFire in General
Topic: How to Force clients to use IPFire's DNS
Replies: 24
Views: 5544

Re: How to Force clients to use IPFire's DNS proxy

Leave 'Source port' empty. Hi Matthias, I rewrote the wiki page IcyFire has referenced here to include steps which Michael provided me back in 2015. However I notice that Arne.F striked-out all the text in that section and added a comment " This rules are not working because the “target” of hijacke...
by dnl
December 28th, 2017, 4:51 am
Forum: IPFire in General
Topic: Multiple NICs
Replies: 5
Views: 1067

Re: Multiple NICs

@peksi yeah after further thought this doesn't meet my requirements either. A flexible network layout with multiple GREEN or BLUE networks would be ideal.