On Wed, Sep 4, 2013 at 7:33 PM, Robert Guerra <[email protected]> wrote: > > Curious on people's comments on types of routers, firewalls and other > appliances that might be affected as > well as mitigation strategies. Would > installing a pfsense and/or other open source firewall be helpful in > anyway at a home net location? >
Maybe. Depends on what you're comparing it to. Versus any consumer-grade router, you're almost certainly far better off security-wise with pfSense (or any other professional-grade solution with a solid track record). Those products tend to ship with outdated underlying components, insecure defaults, the web interfaces are commonly exploitable, built-in backdoors have been found on multiple occasions, and the firmware commonly isn't maintained as it should be as security issues in their underlying components are discovered. One good example affecting a wide range of such vendors from earlier this year: http://blog.pfsense.org/?p=688 But that only matters if the direct target is your router/firewall. If the NSA wanted to break into your home router, they'd certainly find a means of doing so. Rooting your PC to capture the password or something along those lines if it weren't directly exploitable. Where you'll potentially benefit is with less capable adversaries, or in not getting owned at some point in the future by a router worm or someone sweeping the Internet with an exploit. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
