| June 29, 2008 |
Zeroshell 1.0.beta10 is ready. It comes with a newer Kernel which is able to manage more recent hardware. Starting with this release, SATA and USB HD/CDROM are also supported for the boot. Setting the IDE Hard Disk as Primary Master is not longer required for booting. Some bugs have been fixed and the Host-to-LAN VPN service with OpenVPN and the startup script support have been improved.
|
| May 2, 2008 |
A preconfigured version of DansGuardian is available, that cooperating with the transparent proxy service, allows to filter the unwanted web pages. The default configuration blocks the web pages containing adult material. More details available at URL http://www.zeroshell.net/eng/patch-details#AA00.
|
| April 28, 2008 |
It is available an update in order to protect the captive portal resources from DoS caused by some worms which use the ports 80 and 443 TCP. This patch acts by limiting the number of simultaneous connections from the same IP address by using the iptables module connlimit. More details available at URL http://www.zeroshell.net/eng/patch-details#A510.
|
| April 20, 2008 |
A patch is available in order to increase the stability and the performances of the proxy service. More details available at URL http://www.zeroshell.net/eng/patch-details#A500.
|
| March 30, 2008 |
It is available an image of Zeroshell 1.0.beta9 that is able to boot from an USB disk. The minimum size of the USB device is 1 GByte. It is compatible either with USB 1.1 or USB 2.0. In addition, by using an USB 2.0 Flash Memory, the bootstrap is faster than using the ISO image.
|
| March 15, 2008 |
Zeroshell 1.0.beta9 is now available. This release contains a Transparent Web Proxy (HAVP) that uses ClamAV Antivirus to scan the web pages visited by the users in order to block Viruses and Worms. In addition, the proxy server allows to manage a Blacklist and a Whitelist of URLs.
A flag in the Captive Portal configuration now allows to disable the SSL protocol in the case it is not required for security reason. By using this flag, it is possible to eliminate the security warnings of the user browsers when the X.509 certificate is not signed by a trusted Certification Authority.
The flow of QoS classifier has been changed and it is now more intuitive. Apache and OpenSSL packages have been updated, because the previous versions were vulnerable as reported by Nessus.
|
| January 20, 2008 |
Zeroshell 1.0.beta8 is now available. The main new feature is the WiFi support, with which, a Zeroshell box is able to act as a Multi-SSID Wireless Access Point. Any SSID can be either routed or bridged with a 802.1q VLAN. Different type of wireless security access modalities are supported, such as WPA-PSK, WPA-EAP with Radius and WEP. Multiple WiFi cards can be managed in the same box and the Load-Balancing between them can be configured. Many bugs have been fixed and the security level of the Captive Portal and the VPN connections has been increased. In addition, the network interfaces can be configured to dynamically acquire an IP address by contacting a DHCP server.
|
| December 6, 2007 |
The Kerberos tutorial http://www.zeroshell.net/eng/kerberos/ is now an official document of the Massachusetts Institute of Technology Kerberos Consortium at the URL http://www.kerberos.org/software/tutorial.html. The authentication of Zeroshell is based on MIT Kerberos 5.
|
| November 28, 2007 |
The ALIX.2C2 with 256MB of RAM, AMD Geode LX CPU 500MHz processor and MiniPCI expansion slots has been tested to work fine with the WRAP CompactFlash image of Zeroshell. I have been impressed by the better performance of this embedded platform for network appliances.
|
| November 25, 2007 |
It is available a patch for the release 1.0.beta7 of Zeroshell which enables the EAP-TTLS authentication instead of PAP (Password Authentication Protocol) for the Captive Portal validation against a RADIUS server. By using TLS encrypted tunnels, EAP-TTLS improves the security level of the Captive Portal authentication in the case in which you use RADIUS instead of the more secure Kerberos 5 protocol. For more details click here
|
| November 4, 2007 |
In the download section it is available a package which adds WiFi support to Zeroshell. The Client Station and the Access Point modes are both supported.
This release of the WiFi package only works with Wi-Fi cards (miniPCI and PCI) which have the Atheros Communications chipsets supported by the Kernel modules available at http://madwifi.org. To learn how to install the Wi-Fi package, read the post http://www.zeroshell.net/eng/forum/viewtopic.php?t=479 |
| October 6, 2007 |
In the download section, a VMWare Virtual Machine with a pre-installed Zeroshell image is available. You can use this VM either for testing purpose without using a dedicated hardware or in a production environment. The Virtual Appliance of Zeroshell has been tested working with VMWare Player, VMWare Workstation e VMWare Server. |
| September 16, 2007 |
ZeroShell 1.0.beta7 release is available. A few bugs have been fixed and Host-to-LAN VPN connections are now possible using OpenVPN. This type of VPN, which is supported by the most used platforms such as Linux, Solaris, OpenBSD, FreeBSD, NetBSD, Mac OS X and Microsoft Windows, is easier to configure in the client than the L2TP/IPSec VPN. Using OpenVPN, ZeroShell is able to authenticate the VPN users with X.509 certificates, Kerberos 5 servers (such as a Active Directory Domain controllers) and RADIUS servers.
A client configuration file for OpenVPN is available in the download section. |
| September 11, 2007 |
ZeroShell is now a Certified DynDNS dynamic DNS updater. Please visit this page for further details. |
| August 22, 2007 |
ZeroShell 1.0.beta6 release is available at the URL http://www.zeroshell.net/eng/download/. The main new features are related to the Captive Portal which is now able to authenticate also by using external RADIUS servers and the X.509 certificates. The X.509 authentication allow you to use the Smart Card to access to the LAN.
This release includes the Daemon Watcher that is a process which checks if the services (LDAP, DNS, Kerberos, RADIUS, DHCP, ssh) work fine and it restarts them if a crash occurs.
FreeRadius is updated with the latest release which should work with the supplicant 802.1x/PEAP of Windows Vista. |
| July 2, 2007 |
There is a bug in the release 1.0.beta5 of ZeroShell for which the VoIP connections with SIP protocol could not work correctly. To solve the problem you have to add the command modprobe -r ip_nat_sip in the startup script from the section [Setup]->[Startup]. |
| June 27, 2007 |
ZeroShell 1.0.beta5 release is available at the URL http://www.zeroshell.net/eng/download/. It contains many bug fixes and new features. The main improvement is the implementation in the Firewall of the Connection Tracking Logger which allows to log all the connections (Protocol, Source IP, Source Port, Destination IP, Destination Port). |
| April 18, 2007 |
A Captive Portal BUG is causing that the Username and the Password of the users are listed in the History of the browser. You should not use the Captive Portal in a public place such as a HotSpot in which more users are able to access to a same web browser profile. This bad behavior will be corrected in the 1.0.beta5 release. |
| February 18, 2007 |
Zeroshell 1.0.beta4 is now available. The difference with the previous version is the presence of the package l7-filter that allows to classify the traffic by inspecting the application layer. This is useful if you want to provide the QoS to the protocols that you are not able to identify only with the IP addresses or the TCP/UDP ports such as the VoIP protocols H323 and SIP. |
| January 28, 2007 |
Zeroshell 1.0.beta3 is now available. The main new feature of this release is the QoS (Quality of Service) manager to control the traffic over a congested network. You will be able to guarantee the minimum bandwidth, limit the max bandwidth and prioritize the traffic classes. Moreover, you will able with the Firewall and QoS classifier to intercept Peer-to-Peer file sharing traffic by using IPP2P iptables module and connection tracking. |
| 7 November 2006 |
Due to several requests I have added support for the WRAP (Wireless Router Application Platform) boards. These nice and cheap small computer for network appliances need of a custom CompactFlash image |
| 2 November 2006 |
At the URL http://www.zeroshell.net/eng/forum/ some forums are available about ZeroShell, networking, Linux and networking and embedded devices for network appliances |
| 25 October 2006 |
The Compact Flash image 1.0.beta2 is now available. |
| 24 September 2006 |
The ISO image of Zeroshell 1.0.beta2 is now available. |
| 29 June 2006 |
The Compact Flash image is now available. |
| 25 June 2006 |
The ISO image of Zeroshell 1.0.beta1 is now available. The Compact Flash image and the C++ source code will be available as soon as possible. |
Feed
English
Italiano
What is it?