[zorp] ANN: Zorp 0.9.1 released
Mon, 14 May 2001 12:22:23 +0200
We are happy to announce that we have released Zorp 0.9.1, the first member
of our development tree. As this release contains new features and has only
been tested internally, we consider it BETA quality code.
This is the first Zorp version which compiled and worked on non-Linux
platforms. I tested it on FreeBSD 4.3 and successfully send through a
transparent HTTP request.
There are two big changes in this release:
* Connection tracking for UDP based protocols
UDP based protocols has always been a nightmare for Proxy based firewalls.
With this component in-place, Zorp will be able to provide application
level gateways for UDP based protocols like Radius, TFTP and SNMP.
Zorp tracks sessions using timeouts, _AND_ protocol information.
* Authentication framework
Requiring authentication when crossing a firewall is often required in
company security policies. For now, we released parts of our framework
which provide inband authentication.
Inband authentication implements authentication strictly in the protocol
itself (like HTTP proxy authentication, or authenticating twice in FTP)
Since most protocols do not support the notion of authentication when
crossing a security perimeter, other authentication methods are required.
Outband authentication uses an independent channel between the client and
the firewall, and this independent channel is used to perform
authentication. This method is transparent to the underlying application,
and enables strong authentication systems like RB1 CryptoCard or RSA
SecurID. Our outband authentication system is not yet published and will
be part of our commercial solution.
Here's the NEWS entry.
Mon, 14 May 2001 11:17:28 +0200
The first release in the 0.9.x branch is released containing our three
months' worth work. Most notable changes, news are summarized below:
* Connection tracking for UDP based protocols, an example can be found
in Plug which is now able to proxy UDP packet streams in both
* Authentication framework, inband authentication support in Http
authenticating against TIS fwtk compatible authserv.
* General cleanup, fixes, small additions to proxies.
This release is available at the usual places
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1