The Viper IDS Sensor is available for download again after being taken offline for security reasons. The attack signature detection engine (snort) has been upgraded to fix the security flaw discovered in previous releases.
The Wolverine Firewall and VPN server version 1.1 build 360 is available from the update server. This build has been released to deal with a security vulnerability recently discovered in the PPTP daemon (PoPToP). An installation CD for this version is not being created at this time as the 1.2 release is due out very shortly and will replace both the 1.0 and 1.1 versions of Wolverine. The PPTP flaw affects all versions of Wolverine prior to 1.1.360. Version 1.0 is being removed from the download areas as it is no longer being actively supported. If your firewall does not have the PPTP services enabled, it is not affected by this vulnerability.
The Snort attack signature detection engine used in the Viper Intrusion Detection system has been found to contain a serious vulnerability that can lead to compromise of the device running it. The security problem affects the initial test release of the Viper and as such, the downloads for the current test release have been disabled until a fix it put in place. More information is available on the Snort homepage at www.snort.org.
As to the level of threat that this poses anyone testing Viper, it is serious but nothing to panic over. Viper does not bind an IP to its external interface and is therefor very hard to detect. Viper does not provide a means of connecting directly to the IDS sensor from the sniffer interface.
It is still recommended that anyone testing Viper on a production network disconnect the senor from any network segments that may be reachable from the Internet.
Build 359 of the Wolverine Firewall and VPN server is now available for download from the subscription channels and update sites. This build fixes numerous bugs in the installer, includes updated IPSEC support, updated documentation, and a new setup interview system that performs better user input validation and adds several additional options to the initial configuration process
The initial, alpha release of the Viper IDS sensor software is available from the download area and the subscription channels. This release is intended to log all of its alert data to a remote MySQL database and does not yet contain Wolverine integration support. The necessary database structure is provided in the /docs directory of the CD and can be used with the ACID IDS web frontend.