Some questions about firewalla Blue

Follow
Avatar
Alejandro Sánchez Márquez

I Just received the firewalla blue and I have some questions. Forgive me if some of them have already been posted.

Monitoring

The network flows for firewalla itself are not being fed. Is this the normal behavior? Is it possible to self-monitor the device against upgoing connections?

 

Vulnerabilities

Throwing vulners script at it with nmap I found this CVEs, have they been fixed?

Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
| vulners:
| cpe:/a:openbsd:openssh:7.2p2:
| CVE-2016-6515 7.8 https://vulners.com/cve/CVE-2016-6515
| CVE-2015-8325 7.2 https://vulners.com/cve/CVE-2015-8325
| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
| CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
| CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
|_ CVE-2016-6210 4.3 https://vulners.com/cve/CVE-2016-6210
53/tcp open domain dnsmasq eea0774

Ports in use

The following ports are opened in my unit:

Not shown: 65530 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
8833/tcp open unknown
8853/tcp open unknown
47760/tcp open unknown

What is the purpose of 8833, 8853 and 47760. Are they dynamic?

Website panel

Do you plan to add any sort of website panel to be able to access the unit also from any typical browser, thus not depending on a mobile app? I would be happy with that addition.

Spanish translation

Do you plan to add a translation to spanish language? I could give you a hand at this task.

Finally I just need to felicitate the team who created such a wonderful product for security.

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Alejandro Sánchez Márquez

    Hi again, regarding the opened ports I just got more info and it is self-explanatory.

    PORT STATE SERVICE VERSION
    22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
    53/tcp open domain dnsmasq eea0774
    8833/tcp open http Node.js Express framework
    8853/tcp open domain dnsmasq eea0774

    Also found a high non-private port (47760) which Im not sure about its purpose.

    Finally, regarding the unability to monitor the own firewalla box, I forgot to say that router cannot be monitored by default.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post
Powered by Zendesk