OpenFWTK / News: Recent posts

Security vulnerability has been fixed

All protocols supporting STARTTLS command were vulnerable to plaintext injection CVE-2011-0411 til today. A fix is available in CVS:

http://openfwtk.cvs.sourceforge.net/viewvc/openfwtk/fwtk/libem/emiossl.c?r1=1.3&r2=1.4

Binary packages are not updated yet as it is relatively low impact; let me know if you need it immediately.

Posted by ArkanoiD 2011-04-11

SSL MITM and ICAP is now available for mail

SMTP and POP3 are now supported, as well as using external relays transparently.

Posted by ArkanoiD 2011-04-06

Interix is now officially supported platfrom

Not really tested yet, but it builds ok with Interix 6.1 Win2008R2 Visual Studio 2005.

Posted by ArkanoiD 2010-08-23

ICAP support (hopefully) works for FTP

See CVS snapshot, it should work now. I will add POP3, SMTP and NNTP ICAP inspection as well soon and that will make next release candidate.

Posted by ArkanoiD 2010-08-09

SSL MITM, doing it right

I wrote an article about improving SSL security with MITM proxy, read it here: http://sourceforge.net/projects/openfwtk/files/benevolent-ssl-mitm.pdf/download

Posted by ArkanoiD 2010-04-18

Documentation section updated

At the moment, it is just quick and dirty man2html import, but it is better than nothing - we had no online documentation til this.

Posted by ArkanoiD 2007-10-04

Release 2.0 is out!

It is called "2.0" being actually first really public release, as "1.0" version existed for closed group only.

For those of you who never heared of OpenFWTK, it is an application proxy firewall suite.

Notable features are:

* True application layer filter (popular technology known
as "DPI" - Deep Packet Inspection or "SPF" - Stateful
Packet Filtering - is not. It's just an ugly hack.)... read more

Posted by ArkanoiD 2007-09-26