[zorp] ANN: Zorp 0.9.1 released

Balazs Scheidler bazsi@balabit.hu
Mon, 14 May 2001 12:22:23 +0200


We are happy to announce that we have released Zorp 0.9.1, the first member
of our development tree. As this release contains new features and has only
been tested internally, we consider it BETA quality code.

This is the first Zorp version which compiled and worked on non-Linux
platforms. I tested it on FreeBSD 4.3 and successfully send through a
transparent HTTP request.

There are two big changes in this release:
* Connection tracking for UDP based protocols
  UDP based protocols has always been a nightmare for Proxy based firewalls.
  With this component in-place, Zorp will be able to provide application
  level gateways for UDP based protocols like Radius, TFTP and SNMP. 

  Zorp tracks sessions using timeouts, _AND_ protocol information.

* Authentication framework

  Requiring authentication when crossing a firewall is often required in
  company security policies. For now, we released parts of our framework
  which provide inband authentication.  

  Inband authentication implements authentication strictly in the protocol
  itself (like HTTP proxy authentication, or authenticating twice in FTP)

  Since most protocols do not support the notion of authentication when
  crossing a security perimeter, other authentication methods are required. 

  Outband authentication uses an independent channel between the client and
  the firewall, and this independent channel is used to perform
  authentication. This method is transparent to the underlying application,
  and enables strong authentication systems like RB1 CryptoCard or RSA
  SecurID. Our outband authentication system is not yet published and will
  be part of our commercial solution.

Here's the NEWS entry.

zorp 0.9.1
        Mon, 14 May 2001 11:17:28 +0200

        The first release in the 0.9.x branch is released containing our three
        months' worth work. Most notable changes, news are summarized below:
        * Connection tracking for UDP based protocols, an example can be found
          in Plug which is now able to proxy UDP packet streams in both
        * Authentication framework, inband authentication support in Http
          authenticating against TIS fwtk compatible authserv.
        * General cleanup, fixes, small additions to proxies.   

This release is available at the usual places

PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1