Tab Content
  • docfuz's Avatar
    10-19-2017, 04:18 AM
    docfuz replied to a thread Aes ni cpu in OpenVPN
    It should if openssl uses it. You can see if it's used by openssl libs and if the processor supports and if it is enabled by comparing these two...
    2 replies | 35 view(s)
  • docfuz's Avatar
    10-19-2017, 04:02 AM
    If I get it right you don't/can't use the Web Filter App, but you would like UT to use a DNS zone list like the one you mention. Why don't you set...
    4 replies | 481 view(s)
  • docfuz's Avatar
    10-18-2017, 12:38 PM
    Yes, I've been using that as configuration basis and I haven't got any issues in the last updates, adoptions and provisions. In fact it's running...
    6 replies | 153 view(s)
  • docfuz's Avatar
    10-18-2017, 09:23 AM
    Looking again at the sshot you attached, I am dubious, though. The tagged external interface should be set addressed, set as WAN and NAT egress...
    6 replies | 153 view(s)
  • docfuz's Avatar
    10-18-2017, 09:18 AM
    Is it so? I'm in bridged mode with USG<>UT<>switch and I currently use OpenVPN App in client mode towards an external ovpn server. So I presume...
    6 replies | 153 view(s)
  • docfuz's Avatar
    10-18-2017, 02:43 AM
    You can try with vconfig. For instance: vconfig add eth0 2 will create a eth0.2 with VLAN id 2. Then vconfig set_egress_map eth0.2 3 ...
    6 replies | 153 view(s)
  • docfuz's Avatar
    10-17-2017, 04:03 PM
    docfuz replied to a thread Subnets/VLAN tagging in Networking
    Great to hear that! (we all forget something somewhere sometimes ;))
    9 replies | 150 view(s)
  • docfuz's Avatar
    10-17-2017, 03:26 PM
    docfuz replied to a thread Subnets/VLAN tagging in Networking
    If the switch is configured with the right 802.1q tags, i.e. with the same values, and with right tags or trunks per port, DHCP should work. Is it?
    9 replies | 150 view(s)
  • docfuz's Avatar
    10-17-2017, 03:14 PM
    docfuz replied to a thread Subnets/VLAN tagging in Networking
    Please note that having Source int in a rule belonging in a policy whose rule is set by source interface as well, is useless and may be used just for...
    9 replies | 150 view(s)
  • docfuz's Avatar
    10-17-2017, 03:09 PM
    docfuz replied to a thread Subnets/VLAN tagging in Networking
    That choice is up to you. Are you using UT as router to the Internet or not? I'm not, so I'm using a bridged configuration and it's the router past...
    9 replies | 150 view(s)
  • docfuz's Avatar
    10-17-2017, 02:58 PM
    docfuz replied to a thread Subnets/VLAN tagging in Networking
    If you have configured the two VLAN interfaces in Untangle (both bridged and routed scenarios would work) then you could create two policies:...
    9 replies | 150 view(s)
  • docfuz's Avatar
    10-17-2017, 02:27 PM
    docfuz replied to a thread Wireguard in Tunnel VPN
    Disclaimer: I would not implement support of a beta VPN solution in a product like Untangle. It would send contradictory messages. Having said...
    9 replies | 546 view(s)
  • docfuz's Avatar
    10-17-2017, 02:14 PM
    docfuz replied to a thread Krack hack in Tips and Tricks
    From the messages I received here and from colleagues of mine: YES, every OS might have a vulnerable implementation that leads to exploiting. My...
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-17-2017, 01:32 PM
    docfuz replied to a thread Krack hack in Tips and Tricks
    While I think that reading all the messages clearly states my point of view, I concur that to get the result I stated I should have repeated all the...
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-17-2017, 01:11 PM
    docfuz replied to a thread Krack hack in Tips and Tricks
    I think you're mixing the vulnerability with the attack surface. While the problem is in the protocol itself, it's only - currently (*)- the...
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-17-2017, 12:11 PM
    docfuz replied to a thread Krack hack in Tips and Tricks
    If the firmware is based on Linux, which we could assume it is, I'd say that they most definitely are vulnerable.
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-17-2017, 12:10 PM
    docfuz replied to a thread Krack hack in Tips and Tricks
    1) No. He will discover your ESSID by looking at the probes made by the legitimate clients (e.g. after forcefully disconnetting them from your AP via...
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-17-2017, 11:35 AM
    docfuz replied to a thread Krack hack in Tips and Tricks
    Hmmm, I'm not that sure I can be on this side of viewing things: we could point out that probably nobody outside home users are relying on a single...
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-17-2017, 10:56 AM
    docfuz replied to a thread Krack hack in Tips and Tricks
    While I love ubiquity stuff, Linux and - since a few months - Untangle, I fear some of you are not totally getting the point of some of the CVEs...
    35 replies | 808 view(s)
  • docfuz's Avatar
    10-13-2017, 05:00 AM
    docfuz replied to a thread DNS Leaking in Tunnel VPN
    Wait. DNS leaks may be seen in two ways: - the address resolutions you're asking for, e.g. the fact you're asking for translation of questionable...
    29 replies | 1092 view(s)
  • docfuz's Avatar
    10-09-2017, 04:04 PM
    docfuz replied to a thread DNS Leaking in Tunnel VPN
    I'm not using TunnelVPN so I'm shooting without aiming. Wouldn't it be possible to tag hosts routed through the tunnel and then block any traffic to...
    29 replies | 1092 view(s)
  • docfuz's Avatar
    10-01-2017, 07:04 AM
    ;) oooook, thank you for the metaphor. . This is it. If so, this answers this and many other questions seen in the forums. I thought that there...
    12 replies | 777 view(s)
  • docfuz's Avatar
    09-30-2017, 01:34 PM
    dmorris, this is OK, it's stated almost everywhere in the forums and the wiki. vertiris just happens to have a human problem with audit, not a...
    12 replies | 777 view(s)
  • docfuz's Avatar
    09-30-2017, 12:44 PM
    I think vertiris read your reply. He's asking another thing. And the answer is not currently available if all he needs is presenting to the...
    12 replies | 777 view(s)
  • docfuz's Avatar
    09-28-2017, 03:44 PM
    docfuz replied to a thread The SSL era in Networking
    Wait everybody :embarrassed: Of course certificate pinning is already doable in the desktop world, too. In apps, as you say. It's not easily put...
    8 replies | 362 view(s)
  • docfuz's Avatar
    09-27-2017, 05:33 PM
    docfuz replied to a thread The SSL era in Networking
    While I don't disagree with your line of thinking, I see many real life uses of SSL inspection in many network infrastructures I regularly visit and...
    8 replies | 362 view(s)
No More Results
About docfuz

Basic Information

About docfuz
URLs submitted:
0

Statistics


Total Posts
Total Posts
63
Posts Per Day
0.29
General Information
Last Activity
10-19-2017 03:06 PM
Join Date
03-17-2017
Referrals
0

SEO by vBSEO 3.6.0 PL2