1 thought on “New release and critical vulnerability”

  1. Just wanted to drop a quick note (without having to go through the whole process of registering for the forum – yet!):
    ‘I had honestly never heard of Zeroshell before, I’ve been researching various software packages/stacks as I will be re-doing my home/lab network while taking advantage of my new servers & I wanted to implement some sort of UTM solution, but after randomly discovering it (literally, I was getting frustrated with the same suggestions until I finally gave up and just typed in ‘free utm’ into Google & Zeroshell was mentioned on a fairly obscure website/list!) I am very very intrigued.
    This might be the answer I have been looking for. Most SIEM/UTM even some NAC packages are great at identifying threats, but for a small deployment being able to take action on them is a requirement. As many of these solutions are meant to be run passively one often has to look toward implementing the ‘active’ portions of those software stacks themselves or finding a separate software package that can handle ‘all the other parts’ of hosting/administering a network, would provide complementary features rather than a duplication of them, and can work the higher-level applications to take action on alerts.

    I can’t comment much on the specifics of Zeroshell as I have only been browsing through the site and the documentation, but what really catches my eye is the presence of complementary features rather than duplicate ones. To keep things simple I’d like to minimize the number of different programs running (as I’m sure most people would) and if I’m going to have to set up Suricata, OSSEC/Wazuh, etc. outside of a pre-packaged suite like SecurityOnion so that they can run in-line, it is preferable for me to use a routing platform that doesn’t replicate many of the services that I will be setting up in parallel (and on the other hand, doesn’t have services that I would otherwise have to add & set up separately).
    I’ve been using pfSense for years and have been wanting to switch over to OPNsense for quite some time now, but given the new hardware that I’m running (and the reason why I’m running it) I need something more robust than just a stateful firewall, block list, and built-in Snort/Suricata. While it means I would have to add things like a physical TAP, that also means I don’t have to rely on the router to do all the work (although it’s always helpful to have more information or the opportunity to place the TAP elsewhere). In addition to this it will most likely be the case that certain features (like the aforementioned OpenDNS, traffic shaping, RADIUS/user account hosting/login security, often multiple types of VPN solutions, etc.) become even more critical. Based solely on my experience with pfSense over the past 5+ years it seems like much effort is spent trying to put together as ‘broad’ a package as possible rather than focusing on services that generally stem from the routing platform; and that’s assuming they are actually spending many resources on development to begin with. Having a good implementation of a web proxy is more important to me than having a tacked-on web proxy and AV combo. I can set up the AV myself separately, and do so with a more complete service, to take advantage of the stored web data which in turn can be used for other methods as well.
    A+
