Results 1 to 10 of 10
  1. #1
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,186

    Default Just out of curiosity, if Connect to Command Center....

    Just out of curiosity, if Connect to Command Center is disabled and has been disabled on an install for months now, how is it that Threat History in the Command Center is populated with all the occasional attachments that have triggered Virus Blocker on that install?

  2. #2
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    436

    Default

    Quote Originally Posted by fasttech View Post
    Just out of curiosity, if Connect to Command Center is disabled and has been disabled on an install for months now, how is it that Threat History in the Command Center is populated with all the occasional attachments that have triggered Virus Blocker on that install?
    First Of all, why would you disable Command center ?
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/channel/UCa6...vrywIaGtDXOlSQ

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,393

    Default

    I'm pretty sure it connects anyway, I'm just not sure exactly when. Possibly on admin login? I've seen the same behavior at times, but never took the time to look into it.
    dashpuppy likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Untangler
    Join Date
    May 2008
    Posts
    464

    Default

    Quote Originally Posted by dashpuppy View Post
    First Of all, why would you disable Command center ?
    Maybe because they might be vulnerable to log4j etc.

    Just because you know you are paranoid doesn't mean they are not after you.
    Last edited by donhwyo; 12-20-2021 at 08:16 AM.

  5. #5
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    436

    Default

    Quote Originally Posted by donhwyo View Post
    Maybe because they might be vulnerable to log4j etc.

    Just because you know you are paranoid doesn't mean they are not after you.
    Turning off the Command center doesn't make sense to do at all...
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/channel/UCa6...vrywIaGtDXOlSQ

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,393

    Default

    Untangle's Command Center is hiding behind Cloudflare's Web Firewall, which has been dealing with Log4j far longer than anything else.

    Not to mention its age, I'd be highly surprised if Untangle built it based on any JAVA at all to have Log4j involved. If they did, that was rather silly of them. But regardless, I'd assume such a platform is already updated to a version of Log4j that isn't hopeless?

    As for the Command Center, as a matter of principle I also have that feature disabled on all of my units, my NFR is one exception. Why? Because the systems in question ARE NOT MINE! They each belong to someone else that I'm providing support for. It's not appropriate to have them all piled up in my Command Center, exposing them all to my technical risks as well as their own.

    Secured Islands, it's a concept critical to defense in depth. You ask why would you turn that off, and I respond why did you turn it on?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangler
    Join Date
    May 2018
    Posts
    80

    Default

    Confirming Command Center is not vulnerable to the recent log4j vulnerabilities.
    dashpuppy likes this.
    Heather P
    Untangle Product Team

  8. #8
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    436

    Default

    Quote Originally Posted by sky-knight View Post
    Untangle's Command Center is hiding behind Cloudflare's Web Firewall, which has been dealing with Log4j far longer than anything else.

    Not to mention its age, I'd be highly surprised if Untangle built it based on any JAVA at all to have Log4j involved. If they did, that was rather silly of them. But regardless, I'd assume such a platform is already updated to a version of Log4j that isn't hopeless?

    As for the Command Center, as a matter of principle I also have that feature disabled on all of my units, my NFR is one exception. Why? Because the systems in question ARE NOT MINE! They each belong to someone else that I'm providing support for. It's not appropriate to have them all piled up in my Command Center, exposing them all to my technical risks as well as their own.

    Secured Islands, it's a concept critical to defense in depth. You ask why would you turn that off, and I respond why did you turn it on?
    I really hope Untangle works on some Proper 2FA stuff 2022. THis simple email 2FA code is not acceptable these days and should be resolved... It's one of the things i get questioned every day about Selling more Untangle appliances and stuff, do they have Proper 2FA yet ? When i say no people drop the conversation and say then we won't use the product then.
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/channel/UCa6...vrywIaGtDXOlSQ

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,393

    Default

    Quote Originally Posted by dashpuppy View Post
    I really hope Untangle works on some Proper 2FA stuff 2022. THis simple email 2FA code is not acceptable these days and should be resolved... It's one of the things i get questioned every day about Selling more Untangle appliances and stuff, do they have Proper 2FA yet ? When i say no people drop the conversation and say then we won't use the product then.
    Well, in theory the Command Center can be SSO'd to M365 or GSuite, and therefore use the 2FA there, but I've only managed to lock myself out. Ticking the box enforces the requirement, but there's no setup! And if there's documentation on how that process works I've sure missed it.

    But without MFA on the LOCAL ADMIN LOGINS to all products in question, properly 2FA'ing the Command Center is largely moot.

    And yes, this should have been in the product ages ago, we were PROMISED it to be in the product when they inserted OpenVPN to the phrase after the fact and let us all down. Not that we don't need that too... but still.
    dashpuppy likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Newbie
    Join Date
    Jan 2022
    Posts
    1

    Default

    vulnerable to log4j may the the reason

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2