Re: [pfSense] USB3 to ethernet adaptor
All this invective, yet you run your firewall on an Intel/AMD platform. Et tu, Volker. Open Source is more about sharing than security. Anyone who argues get referred to, "Reflections on Trusting Trust." -- Jim > On Jun 5, 2016, at 8:02 PM, Volker Kuhlmann wrote: > > On Fri 27 May 2016 04:53:12 NZST +1200, RB wrote: > >>> http://seclists.org/fulldisclosure/2016/Jan/77 >>> >>> http://seclists.org/fulldisclosure/2016/Mar/25 >> >> I see, but that has nothing to do with the security of the VLAN >> implementation, rather of the switch as a whole. > > Uhhmm, very moot point. They can't even make a secure switch, how secure > their VLAN is becomes irrelevant. And the switch manufacturer couldn't > care less about fixing anything - what's your trust value in the VLAN > implementation? How different are other manufacturers? > >> Nor does it mean we avoid using an entire technology because there >> "might" be vulnerabilities in what has otherwise remained a stable and >> useful paradigm for decades. > > As "stable and useful" a paradigm as the Internet was before Snowden? > >> The question of VLAN jumping remains open, in my mind. An >> appropriate, well-configured switch fabric should have no problem > > True - as you say, "should", but it's utopic. Which means reducing critical > firmware entirely increases security a lot. No matter where you buy your > VLAN, it doesn't come close to the security of an extra port on the > firewall you already trust. VLAN is just being lazy. > >> vulnerabilities in its management software notwithstanding. > > This is a laughable argument! You can only use the whole. You're arguing > it's safe to use a (potentially!) safe fragment of VLAN firmware that by > necessity is embedded in whatever management, of which you know it's a > piece of rubbish. I'm increasingly getting the impression that network > device manufacturers only ever fix anything if there is sufficient > public backlash to make it financially worth fixing - no other reason to > fix anything exists. The logical conclusion is that such "technology" is > unsafe. > > VLAN switch with 100% open source firmware please... > > Volker > > -- > Volker Kuhlmannis list0570 with the domain in header. > http://volker.top.geek.nz/Please do not CC list postings to me. > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] USB3 to ethernet adaptor
On Fri 27 May 2016 04:53:12 NZST +1200, RB wrote: > > http://seclists.org/fulldisclosure/2016/Jan/77 > > > > http://seclists.org/fulldisclosure/2016/Mar/25 > > I see, but that has nothing to do with the security of the VLAN > implementation, rather of the switch as a whole. Uhhmm, very moot point. They can't even make a secure switch, how secure their VLAN is becomes irrelevant. And the switch manufacturer couldn't care less about fixing anything - what's your trust value in the VLAN implementation? How different are other manufacturers? > Nor does it mean we avoid using an entire technology because there > "might" be vulnerabilities in what has otherwise remained a stable and > useful paradigm for decades. As "stable and useful" a paradigm as the Internet was before Snowden? > The question of VLAN jumping remains open, in my mind. An > appropriate, well-configured switch fabric should have no problem True - as you say, "should", but it's utopic. Which means reducing critical firmware entirely increases security a lot. No matter where you buy your VLAN, it doesn't come close to the security of an extra port on the firewall you already trust. VLAN is just being lazy. > vulnerabilities in its management software notwithstanding. This is a laughable argument! You can only use the whole. You're arguing it's safe to use a (potentially!) safe fragment of VLAN firmware that by necessity is embedded in whatever management, of which you know it's a piece of rubbish. I'm increasingly getting the impression that network device manufacturers only ever fix anything if there is sufficient public backlash to make it financially worth fixing - no other reason to fix anything exists. The logical conclusion is that such "technology" is unsafe. VLAN switch with 100% open source firmware please... Volker -- Volker Kuhlmann is list0570 with the domain in header. http://volker.top.geek.nz/ Please do not CC list postings to me. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense store router positioning
On 06/05/2016 10:25 AM, Walter Parker wrote: Hi, I've be doing a bit of remodeling in the household and I noticed an interesting issue with the temperature of the the router (an SG-2220). If I put the router flat, it heated up to 53 Celsius (9AM mid 70's Fahrenheit room temp). WHen I turned the router in the side, it dropped from 53 to 46 in 20 minutes and if the last experiment holds it should level out at 41). Have other people send the temp on the router higher when it is flat then when it is on the side? Haven't noticed myself, but if the venting is the same as mine (on the sides, not top and bottom), then it's perfectly reasonable. The hot air would escape more easily and be replaced by cooler air. Convection is a great friend in the right circumstances... Kenward -- In a completely rational society, the best of us would aspire to be _teachers_ and the rest of us would have to settle for something less, because passing civilization along from one generation to the next ought to be the highest honor and the highest responsibility anyone could have. - Lee Iacocca ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense store router positioning
On Sun, Jun 5, 2016 at 11:25 AM, Walter Parker wrote: > Hi, > > I've be doing a bit of remodeling in the household and I noticed an > interesting issue with the temperature of the the router (an SG-2220). If I > put the router flat, it heated up to 53 Celsius (9AM mid 70's Fahrenheit > room temp). WHen I turned the router in the side, it dropped from 53 to 46 > in 20 minutes and if the last experiment holds it should level out at 41). > > Have other people send the temp on the router higher when it is flat then > when it is on the side? > > > Walter > > -- > The greatest dangers to liberty lurk in insidious encroachment by men of > zeal, well-meaning but without understanding. -- Justice Louis D. > Brandeis > ___ ooo That is interesting, I want some decompression testing done next. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] pfSense store router positioning
Hi, I've be doing a bit of remodeling in the household and I noticed an interesting issue with the temperature of the the router (an SG-2220). If I put the router flat, it heated up to 53 Celsius (9AM mid 70's Fahrenheit room temp). WHen I turned the router in the side, it dropped from 53 to 46 in 20 minutes and if the last experiment holds it should level out at 41). Have other people send the temp on the router higher when it is flat then when it is on the side? Walter -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
