3.5 KiB
IPFire 2.13 Core 77 Linux Firewall Distro Brings Major OpenVPN Improvements
Michael Tremer, a developer for the ipfire.org team, has announced that IPFire 2.13 Core 79, a new stable build of the popular Linux-based firewall distribution, is now out with some exciting new features.
IPFire is a modular Linux distribution, which means that it can be deployed as a firewall, a proxy server, or a VPN gateway. The main concern of the developers is security and every step has been taken in order to ensure that users can feel really safe when using this operation system.
The developers are saying in the official announcement that the “Core Update 79 is finally arriving with many bug fixes and enhancements. Among the big changes with this update are lots feature enhancements that massively increase the security level of OpenVPN connections, some enhancements of the web user interface and a lot more awesome stuff under the hood.”
The IPFire devs had another huge release a few months ago and it looks like they have made another one, this time focusing on the improvement of the OpenVPN features and a few other aspects.
“The certificate authority that can be created on the OpenVPN page now uses much better hashes to protect the integrity of itself. The CA root certificate uses a SHA512 hash and a RSA key with length of 4096 bit. All new created host certificates use a RSA key with 2048 bit length and a SHA256 hash. Additionally, a set of Diffie-Hellman parameters can be generated for better protection of the session keys. The length of the pregenerated DH parameters can be chosen in the web interface,” also noted the devs.
According to the changelog, the cipher that is used for each net-to-net connection can now be changed, the hash function is now configurable with a few options like SHA2 (512, 384, and 256-bit), Whirpool (512 bit), and SHA1 (160 bit), and the tls-auth option can be enabled, which uses a HMAC function.
The Linux kernel used by the distribution has also been updated in this release and the OS now packs the 3.10.44 version. This should bring support for new hardware, a number of security fixes, and more stability.
Also, snort (the Intrusion Detection System) has been updated to version 2.9.6.1, the new firewall GUI now supports blocking access to the GREEN firewall interface, the PIE packet scheduler has been added, and the default size of the root partition has been increased.
The developers recommend all users of IPFire to upgrade their distributions. More details can be found on the official website.
Download IPFire 2.13 Core 79:
- IPFire 2.15 Core 79 (ISO)[iso] [126 MB]
- IPFire 3.0 Alpha 1 (ISO)[iso] [76 MB]