this post was submitted on 12 Jul 2023
19 points (95.2% liked)

Sysadmin

7664 readers
105 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 1 year ago
MODERATORS
top 5 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

I like the hyperbole and all, but can you at least include the critical information? Literally just patch:

The flaw impacts the following FortiOS versions:

  • FortiOS version 7.2.0 through 7.2.3
  • FortiOS version 7.0.0 through 7.0.10
  • FortiProxy version 7.2.0 through 7.2.2
  • FortiProxy version 7.0.0 through 7.0.9

For those unfamiliar, anyone who is patching is already good. The previous two patches fixed this issue, and you should already be patched past this point to mitigate the June 9.8.

[–] slazer2au 2 points 1 year ago (1 children)

Man, 7.0 has been a hot mess with their WAD. I haven't upgraded any customer off 6.4 yet. I think I will skip 7.0 and jump straight to 7.2.

[–] defensor_fortis 2 points 1 year ago

There's been issues with the WAD process using up memory until the unit goes into conserve mode since I was on 6.0.6. I started running a script to restart the process twice daily and have never had a problem since. I just upgraded from 6.4.13 to 7.0.12 a few weeks ago and I've left the script to run on every upgrade since 6.0.6. I've never disabled it to see if I don't need it any longer, maybe I should.

config system auto-script
    edit "restart_wad"
        set interval 43200
        set repeat 360
        set start auto
        set script "diag test app wad 99"
    next
end
[–] [email protected] -1 points 1 year ago (1 children)

LOL! Remind me again how proprietary hardware and software is more secure than open source? Insecurity through obscurity.

[–] SheeEttin 3 points 1 year ago

It's not, but that's not to say that open source software is any more secure just by virtue of being open source. Software needs auditing either way.

load more comments
view more: next ›