
Thread: Ubiquity Alert

  1. #11
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    1,415

  2. #12
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    21,385

    Wait... people use Ubiquiti routers? :P
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #13
    Untangle Ninja hescominsoon's Avatar
    Join Date
    Sep 2007
    Posts
    1,668

    Yes, the EdgeRouter and their USG series are nice products for basic security and even feature DPI. It is not billed as nor functions as a UTM like UT does however. They actually have a good suite of good products. These issues you see are from their early days. Their initial attitude towards security researchers was poor and it shows in these kinds of issues. Ubiquiti has drastically improved on the security front in terms of initial quality and response time in the past few years though. Ubiquiti recently brought in the project manager of pfSense to handle the UniFi security products, so expect to see more improvements. Ubiquiti does not have the intention of going UTM at the moment, so if you require the full UTM suite right now Untangle is a good bet.
    Emmanuel Technology Consulting

    Untangle Partner
    Former Sophos UTM Partner

  4. #14
    Master Untangler
    Join Date
    May 2010
    Posts
    296

    I have a USG sitting on the table right now. It *could* be a neat device, except it isn't.

    DPI misidentifies data regularly, and even when it gets it right you can't filter or block based on DPI data, can't configure a number of (what I consider) base functions without bailing out of the UI and going to JSON files. Etc. It is a beta product at best, and I wouldn't run it in my home, let alone commercially, as it stands right now.

    But each to their own.

  5. #15
    Untangle Ninja hescominsoon's Avatar
    Join Date
    Sep 2007
    Posts
    1,668

    Quote Originally Posted by JasonJoel View Post
    I have a USG sitting on the table right now. It *could* be a neat device, except it isn't.

    DPI misidentifies data regularly, and even when it gets it right you can't filter or block based on DPI data, can't configure a number of (what I consider) base functions without bailing out of the UI and going to JSON files. Etc. It is a beta product at best, and I wouldn't run it in my home, let alone commercially, as it stands right now.

    But each to their own.

    What version of the software are you running?

    I can tell you the DPI on the USG at least tries to identify stuff...Sophos DPI has a problem where it doesn't do anything in many cases at all....
    Last edited by hescominsoon; 04-15-2017 at 08:58 AM.
    Emmanuel Technology Consulting

    Untangle Partner
    Former Sophos UTM Partner

  6. #16
    Master Untangler
    Join Date
    May 2010
    Posts
    296

    I tried every USG firmware release up to the last couple before ripping it back out about 2 months ago.

    It identifies probably 85% right, and 15% wrong (which isn't very good at all). But my comparison is Untangle, which gets probably 99+% of traffic categorized correctly. So I just went back to using Untangle as my router, instead of inline in bridge mode in front of the USG.

    Sophos is a piece of crap (my opinion from my experiences), no point even discussing the many things it does incorrectly at this point. And if you go XG, it is even worse.

  7. #17
    Untanglit
    Join Date
    Feb 2017
    Posts
    27

    Same with any devices really. The most common attack we see is root against SSH. Turn off SSH or assign SSH to a non-standard port and non-default credentials. In some cases we block WAN facing. Place a dedicated laptop on the rack. VPN to the rack, then PuTTY to the device on the LAN via IP restriction. Pretty rock solid.

    Lazy IT is lazy IT.

  8. #18
    Newbie
    Join Date
    May 2017
    Posts
    2

    Hey JasonJoel, I've been toying with Sophos XG and hadn't looked at their original version since it seems that's going to be phased out quickly after XG reaches feature parity. I initially really liked XG and then stuff just seemed to not work or be a bit "off".

    I know you said you don't want to discuss the things it does incorrectly and I'd just like to know what you experienced with it. No need for a full-on discussion since I'm sure we'll just agree on most points.

    That being said I've been running Untangle at home and paid for the home version too. Product really works well and I've had zero issues with it once it's up and running.

  9. #19
    Untangle Ninja hescominsoon's Avatar
    Join Date
    Sep 2007
    Posts
    1,668

    Or restrict who can see ssh to trusted external networks only.
    Emmanuel Technology Consulting

    Untangle Partner
    Former Sophos UTM Partner

  10. #20
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    21,385

    Quote Originally Posted by hescominsoon View Post
    Or restrict who can see ssh to trusted external networks only.

    Yeah, exposing RDP, SSH, Telnet, basically anything that is natively capable of taking control of a device to the Internet is silly. That's what VPN is for.

    SSH is ok if you use certificate only auth.
    RDP works great if you go two factor.

    There are ways to expose these things safely, but I reserve those for specific needs, as a general rule administrative access is simply limited.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
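
The SSH advice in posts #17, #19 and #20 (no root password logins, key-only authentication, SSH not reachable from the WAN side) can be checked against a device's `sshd_config`. The following is an added example, not part of any post in the thread; it assumes OpenSSH, reads "certificate only auth" as public-key-only authentication, and uses constructed sample configs and hypothetical function names.

```python
import ipaddress

# Constructed sample configs (not from the thread); the address is illustrative.
EXPOSED = "Port 22\nPermitRootLogin yes\n"
LAN_ONLY = "ListenAddress 192.168.1.2\nPermitRootLogin no\nPasswordAuthentication no\n"
# An earlier line, e.g. from an included drop-in file, shadows the hardening below it.
SHADOWED = "PasswordAuthentication yes\n" + LAN_ONLY

def effective(config_text):
    """Return (settings, listen_addresses) for the global part of an sshd_config."""
    settings, listen = {}, []
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        keyword = parts[0].lower()  # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            break  # conditional Match blocks are not evaluated here
        if keyword == "listenaddress":
            listen.append(value)  # may appear several times
        else:
            settings.setdefault(keyword, value)  # sshd keeps the first value it reads
    return settings, listen

def is_wildcard(listen_value):
    """True for 0.0.0.0 or ::, with or without a port suffix."""
    host = (listen_value.split() or [""])[0]
    if host.startswith("["):
        host = host[1:].split("]")[0]
    elif host.count(":") == 1:
        host = host.split(":")[0]
    try:
        return ipaddress.ip_address(host).is_unspecified
    except ValueError:
        return False  # hostname or empty value: review by hand

def audit(config_text):
    # The second argument to get() is the assumed OpenSSH default for an unset keyword.
    settings, listen = effective(config_text)
    findings = []
    if settings.get("permitrootlogin", "prohibit-password").lower() == "yes":
        findings.append("PermitRootLogin yes permits root password logins")
    if settings.get("passwordauthentication", "yes").lower() != "no":
        findings.append("PasswordAuthentication is not disabled")
    if not listen or any(is_wildcard(a) for a in listen):
        findings.append("sshd listens on all interfaces")
    return findings
```

On a live host, `sshd -T` prints the effective configuration, including `Include` files, which this sketch does not follow.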
