Comments
Linux (43483, 7y): @ChainsawBaby
UBNT is nice, but they don't have good FW stats. Mikrotik is quite nice, also OPNsense.

@Linux I’ve got no experience with MikroTik nor OPNsense.
Aren’t the UBNT UniFi good for gateway/firewall?

@Linux interesting, and you recommend OPNsense?
But to run that, we'd need to put together some hardware ourselves?

Linux (43483, 7y): @ChainsawBaby
I use pfsense actually, but OPNsense has a more FOSS (or FLOSS as our dear RMS calls it) friendly approach.
Well, you do need to put your system together yourself, you can always buy a server for it. The Supermicro SYS-5019A-FTN4 is an excellent choice for that.
Or you can run OPNsense or pfsense as a virtual machine as I do :)

I was noticing some slow network and it was dropping some connections. So I booted up my old XP install with Java 6 to connect to the ASA 5505, I see it’s logging max connections of 10000 has been reached.
Fine, I reckon it’s my colleague backing up his entire machine to Google Drive.
Because when he shut it off, n connections dropped.
I check back in the log, and I see there’s 4-500 connections happening per second, I think WTF and check the source IP. Lots of random IPs from Vietnam, all going to a Windows 2008 Server using RDP.
(I didn’t set up our servers, so I didn’t know which server it was accessing)
Ask my other colleague, he told me it’s a Windows server from an earlier project that’s not used anymore.
I RDP into it, see there’s users logged in from around the world, and I immediately do a shutdown.
Would you look at that, connections per second dropped to about 50.
I guess that server isn’t going back online ever.
And I now need to ask management for a budget to update our network infrastructure, because the old ASA 5505 is begging me to die.
TL;DR gg previous employees didn’t shut down old servers and left them open to the world to enjoy