IPFire Improves Its Intrusion Prevention System

By

The IPFire Linux Firewall distribution has a new release and Core Update 168 offers a much-improved Intrusion Prevention System.

IPFire 2.27 Core Update 168 has arrived and adds improvements to the Intrusion Prevention System by allowing users to enable the monitoring mode for each ruleset provided (making baselining and testing far easier), which equates to faster rule updates and an automated check if a ruleset was updated.

The latest release is also better capable of preventing network spoofing attacks, has tightened file permissions mechanisms, and updates OpenSSH to version 9.0p1 (which introduces quantum-resistant cryptography). IPFire 2.27 Core Update 168 also includes updates for various third-party firmware to dramatically improve hardware support as well as improve the processing of CUPS printer server configurations (during backup and restore).

Other improvements/fixes include fixes for various CGIs that are used for HTML syntax validity, the removal of unnecessary vnstat calls, and updates to a number of core components and add-ons. IPFire also now drops any packet that is received on a different network interface than it would have been routed back to, which thwarts entire classes of network spoofing attacks.

IPFire can be installed on bare metal or even run from the Amazon Cloud. Read the full release notes for v 2.27 Core Update 168 and download the ISO now.

06/16/2022

Related content

comments powered by Disqus