heise online
boosted
heise online
boosted
Watchguard Firebox: Gefährdung durch Standardpasswort für Admin
Watchguard versieht die Firebox-Firewalls mit Standardpasswörtern. Angreifer können sich dadurch leicht Admin-Rechte verschaffen.
#Firewall #IT #Passwörter #Security #Sicherheitslücken #Updates #news
Watchguard Firebox: Gefährdung durch Standardpasswort für Admin
Watchguard versieht die Firebox-Firewalls mit Standardpasswörtern. Angreifer können sich dadurch leicht Admin-Rechte verschaffen.
#Firewall #IT #Passwörter #Security #Sicherheitslücken #Updates #news
Bjørnar (he/him)
and 1 other
boosted
heise online
boosted
Warum OpenWrt nutzen?
In c’t sehe ich recht häufig Berichte über OpenWrt. Was mir aber bislang keiner der Artikel erklärt hat: Was ist das Tolle an dieser Router-Firmware?
Warum OpenWrt nutzen?
In c’t sehe ich recht häufig Berichte über OpenWrt. Was mir aber bislang keiner der Artikel erklärt hat: Was ist das Tolle an dieser Router-Firmware?
Michael Dexter
and 1 other
boosted
Hot take: pf's built-in connection tracking beats fail2ban/sshguard hands down.
One simple ruleset gives you automatic brute-force protection with ZERO userland daemons. No log parsing, no reaction delays, no additional attack surface.
table <bruteforce> persist
pass in proto tcp to port 22 flags S/SA (max-src-conn 5, max-src-conn-rate 3/30, overload <bruteforce> flush global)
Kernel-level enforcement, instant blocking, survives reboots with persist.
Why spawn Python processes when your firewall already knows?
Hot take: pf's built-in connection tracking beats fail2ban/sshguard hands down.
One simple ruleset gives you automatic brute-force protection with ZERO userland daemons. No log parsing, no reaction delays, no additional attack surface.
table <bruteforce> persist
pass in proto tcp to port 22 flags S/SA (max-src-conn 5, max-src-conn-rate 3/30, overload <bruteforce> flush global)
Kernel-level enforcement, instant blocking, survives reboots with persist.
Why spawn Python processes when your firewall already knows?
der.hans
boosted
looking for some nftables help
3 networks on firewall ( isp, ofc, svc ( Nextcloud, HomeAsst, etc ) )
I want to ssh and web from ofc to svc, I would prefer to route rather than nat ( show source system rather than firewall )
net.ipv4.ip_forward = 1
Should this be sufficient for the routing?
table inet filter {
chain forward {
ip saddr $ofc_net oifname $svc_nic accept
iifname $srv_nic ip daddr $ofc_net ct state related,established accept
}
}
looking for some nftables help
3 networks on firewall ( isp, ofc, svc ( Nextcloud, HomeAsst, etc ) )
I want to ssh and web from ofc to svc, I would prefer to route rather than nat ( show source system rather than firewall )
net.ipv4.ip_forward = 1
Should this be sufficient for the routing?
table inet filter {
chain forward {
ip saddr $ofc_net oifname $svc_nic accept
iifname $srv_nic ip daddr $ofc_net ct state related,established accept
}
}
heise online
boosted
Stefano Marinelli
boosted
Tomorrow 2025-09-25 at 10:30 CEST, the refreshed "Network Management with the OpenBSD Packet Filter Toolset" https://events.eurobsdcon.org/2025/talk/FW39CX/ by yours truly, @stucchimax and Tom Smyth will start at #eurobsdcon.
We will put the updated slides online just before the session starts.
#openbsd #freebsd #pf #packetfilter #networking #firewall #trickery #security
Tomorrow 2025-09-25 at 10:30 CEST, the refreshed "Network Management with the OpenBSD Packet Filter Toolset" https://events.eurobsdcon.org/2025/talk/FW39CX/ by yours truly, @stucchimax and Tom Smyth will start at #eurobsdcon.
We will put the updated slides online just before the session starts.
#openbsd #freebsd #pf #packetfilter #networking #firewall #trickery #security
Emelia 👸🏻
boosted
Does anyone know of a public set of ModSecurity exceptions for the fediverse/ActivityPub I can take a look at? I'm setting it up for GoToSocial and Mastodon now and manually doing this is pain.
Update, @cloudymax and I started a plugin here:
https://github.com/small-hack/argocd-apps/blob/2b7995c6fae5ecbb3944c6c6f4b139d98b76e67f/ingress-nginx/modsecurity_plugins_configmap.yaml#L177
Still happy to collaborate on it, but also wanted to note there was a mention a year ago about making an ActivityPub plugin over at the OWASP CRS repo, so maybe we could donate to that if its ever created:
https://github.com/coreruleset/coreruleset/issues/3497#issuecomment-1902181156
#WAF #modsecurity #nginx #apache #firewall #webApplicationFirewall #mastodon #gotosocial #activitypub
Does anyone know of a public set of ModSecurity exceptions for the fediverse/ActivityPub I can take a look at? I'm setting it up for GoToSocial and Mastodon now and manually doing this is pain.
Update, @cloudymax and I started a plugin here:
https://github.com/small-hack/argocd-apps/blob/2b7995c6fae5ecbb3944c6c6f4b139d98b76e67f/ingress-nginx/modsecurity_plugins_configmap.yaml#L177
Still happy to collaborate on it, but also wanted to note there was a mention a year ago about making an ActivityPub plugin over at the OWASP CRS repo, so maybe we could donate to that if its ever created:
https://github.com/coreruleset/coreruleset/issues/3497#issuecomment-1902181156
#WAF #modsecurity #nginx #apache #firewall #webApplicationFirewall #mastodon #gotosocial #activitypub