•

• Home Page, Headlines • DW Weekly, Comments • Packages, Package Management • Glossary, FAQ, Mobile Site	• Search, Sitemap • Major Distributions • Submit Distribution • Upcoming Releases	• About DistroWatch • Page Hit Ranking • Advertise • Torrent Downloads

DistroWatch.com is sponsored by

News/Opinions/Reviews ▼
Release Announcements News and Headlines DW Weekly DW Weekly / Review Archive News/Article Search Upcoming Releases Opinion Polls Visitor Ratings & Reviews Project Rankings by Ratings Podcasts, Newsletters & Reviews
Packages ▼
Packages We Track Package Management Package Releases Compare Packages Across Distros Show package versions for all distros
Find/Submit Distro ▼
Search For Distro Search For Distro - Advanced Major Distributions Waiting List Submit Distribution Discontinued Distributions Random Distribution
Tutorials & Learning ▼
Search For An Article Questions and Answers Columns Tips and Tricks Columns Myths And Misunderstandings Columns Glossary Simplified Manual Pages
Related Resources ▼
Other Operating Systems Compatible Hardware Security Advisories Torrent Downloads Upload Torrents Distro Verification Keys Visual Distro Family Tree Linux User Groups
DistroWatch.com ▼
About DistroWatch Contact Us Page Hit Ranking Page Hit Trends Advertise Frequently Asked Questions Contributing Donate Our Donations Programme

News and Open Source Releases

Headlines

2019-03-26

IPFire's proactive packet filtering

IPFire, a Linux distribution typically used in firewalls, is introducing a more proactive approach to dealing with malicious traffic. The changes involve IPFire's Intrusion Detection System (IDS): "One of the biggest changes we are now introducing is that the IDS will no longer just listen to traffic by default. Snort used to analyse a copy of every packet on the network. While it has been scanning it, it was passed on into the network. Any alarms that were raised had to be processed from a log file and potentially created iptables rules that blocked the host where the malicious packet came from. That leaves a tiny chance to an attacker to talk to a host on the network he wants to attack. Suricata takes the packet, analyses it first, and when it has passed all checks, it is being sent onward. Therefore, it is very easy for Suricata to be an Intrusion Prevention System, too. If the packet has failed the tests, it is just being dropped and alert is logged - leaving no chance to even send a single packet to the internal network. Because of that, we have renamed it on the IPFire Web UI and call it Intrusion Prevention System." More information on this change can be found in the project's blog post.

More headlines from this project Back to News

TUXEDO
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included! Learn more about our full service package and all benefits from buying at TUXEDO.

Advertisement

Star Labs
Star Labs - Laptops built for Linux. View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.

Extended Lifecycle Support for CentOS 7 | TuxCare

Copyright © 2001 - 2025 Atea Ataroa Limited. All rights reserved. All trademarks are the property of their respective owners. Privacy policy. Change privacy settings.
DistroWatch.com is hosted at Copenhagen.

Contact, corrections and suggestions: Jesse Smith

Tips: Bitcoin

bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx
Bitcoin Lightning

lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr
Monero

86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le
PayPal.me/distrow • Patreon.com/distrowatch