 On January 7th, 2019, there's a new version available of PF Sense, which is wonderful. And I always wait a couple of days for I even have time to do a video. We start pushing the updates, and so far all the machines have updated fine, which is good news for you if you want to update it. As always, please back up before you press the update button as it's highly important. And for those of you that are experiencing weird problems, I'd suggest that as well. I refer to our forums you'll see where people have had some weird issues, and it's not hard to reload PF Sense. All the settings get copied into the backup, so download a backup reload if you're having some of those weird issues. Try that first. Anyways, back to the updates. Not any major changes here. So just a few minor things that got updated. It's not like it's a major release upgrade, but I wanted to address a couple little things about the upgrade process and how it works. Now, one of the things I do like, and this has been true since they've updated to the 244 series, do not upgrade packages before you upgrade PF Sense. This is really nice. I know they're actually referring to some of the elder versions, but this applies to this very much, so, and this is nice. I noticed when I logged into some of our PF Sense clients' machines and we're updating them that there were packages up to date, and you're tempted to go click the update on those packages. If there's a PF Sense release upgrade, update that first, and at the same time it will update all the packages, and that has gone really smooth, which has made me really happy. It also saves you a couple clicks. Any time you can save clicks, you're saving time, and time is money, and there we go for that. As far as what got fixed in this hardware support and improvements for NetGate products, yes, I'm aware they have a new firewall they release. No, I don't have one for testing. No, they haven't shipped one out. I did ask, and it doesn't sound like I'm going to get a review unit any time soon, so I will review it when I receive it. I will probably just buy it myself. That's how I've done all of the other products. For those of you wondering, they have never sent me anything for free as of here in January 2019. They've talked about it, you know, full disclosure, but we've never really come to a arrangement. I just really like their product. That's why I do these reviews. I have no direct monetary relationship either by free product or paid marketing from the folks at PF Sense. Also, you can double check this, not listed as a reseller for them, because I am not an official reseller. So, getting a couple of those things out of the way. Hardware support improvements, including probably that new product. Fixed swap slice labeling. They're apparently, and I hadn't seen this as a problem, but there is a definitely a notice on this, and there's a bug affected by it. And by the way, PF Sense is developed in full open source, so you can go through the issues and see what's going on or, you know, report bugs as you find them as well and help contribute to the project. That is not hard to find. Matter of fact, I'll leave a link to this and you can find the bug report and go from there. There is other, some IPv6 stuff. And a lot of people ask me about IPv6. I simply don't use it. So, I just don't have a use case that I can tell you much advice on it. I know some people said they had issues with IPv6 and PF Sense and so on. They're fixing them, which is good, but I don't have a lot of insight into that because of our lack of use of IPv6. Just not something our clients are really having a need for. One of the things they will, there's a couple other things, updated dynamic DNS to contact to accommodate changes in digital ocean, fixed open VPN free radius authentication, fixed input validation, rejected certain hash shell algorithm for the CSR. Nothing major here, but I will talk real quickly about this. Someone brought this up and this was not updated and this was updated previously in the P1. This is the PU update we're talking about today. But yes, I know there have been CVEs in PF Sense, but I want to point out the way most of these CVEs have gone, including this one. When it's PF Sense related, there's difference between the OS it's based on and something specific to PF Sense. This particular CVE was related to a problem with PF Sense. But please note, and this is why I highly recommend you constantly think about what users you allow on your PF Sense box, which is usually none besides yourself. But if you let people have access to the PF Sense, so they had to have an account. They had to have an account that was not admin, but did have delegated specific permissions all outlined here. And those are real vulnerabilities that do need to be fixed. But where your risk factor comes in for some of these is they had to have an account. They had to have a login. You had to have assigned them some privileges. And this is a privilege escalation where if they were assigned to certain level privileges, they could be assigned more. So it's not like a public one, but that's something important about any firewall. One, they're all. I don't know any firewall that doesn't have at least some CVE attached to it, but you have to look at what those CVEs are. Because when you talk about security, you have to think specifically about what those problems are and how they relate to the firewall. So when I talk about other ones having security issues, they had exploits that were not privileged escalation. They had exploits that were allowed a user because of a default configuration on the firewall to escalate an attack without a login. When someone you trust logs in, it's still a major security issue, but you've also delegated trust to someone, someone compromised, maybe that person with a lower level access, and then they have to execute a cross site scripting or whatever the injection was to then cause that problem. And because it's all done in open and full disclosure here, you can kind of follow that process. You can understand and it's done by CVE. This is also one of the reasons I like PF Sense versus certain other one-off firewalls and forks of the project. Everyone asked me about them, but this was found by the TALOS Brandon Schultz of the Cisco TALOS security group. Cisco TALOS is an independent security group. Yes, it's owned by Cisco, so there's beholden to them, but they don't just look at Cisco. They are a great security research team that are poking at major products. That doesn't mean you should never use a minor product or a fork of something, but you got to remember if there's not a big install base of that, they may not spend as much time looking at it. So you have to look at the vetting of it. That's an important aspect for these security. I just want to make sure people are aware of that, and this has been brought to my attention. I get messages on stuff like, hey, did you know they had this arbitrary code? Excuse me, but please note, it started with authenticated arbitrary code execution, which is much less panic because pretty much we have admin access to all of our client ones and ours, and we don't have anyone that we have limited permissions, except for maybe when we hire a new staff member when we set them as a read-only while they're learning something. But for the most part, our staff has admin access, so it's not a direct issue. Glad it was addressed. But those are new features for PF Sense. No major things that make you have to jump out and do it this second. Schedule the downtime accordingly, schedule getting it done, and happy updates. So far, they've all gone fine for me. We've got a listing. Yes, I wish it auto-updated because that comes up all the time, but the other side of it is the nice, controlled update processes. It's really not that hard. We click update, you wait a few minutes, it's done. It's not something that's sucking up so much of my day that it's a big project. All right, thanks. We have a list of different affiliate offers, and it's very appreciated if you use any of those for signing up any of the services and many of them offer you discounts. If you want to head over to our forums, there'll be a link in the description for our forums, wherever they may be, because we've been looking at different forum platforms, but they'll always be relevantly linked right there. All right, once again, thanks. Leave some feedback and comments below on this video. If you loved it, if you hated it, I try to reply to everyone, the people who hate and the people who love them. So thank you very much and see you next time.