Latest IPFire Hardened Linux Firewall Distro Release Future-Proofs VPN Cryptography – 9to5Linux

npressfetimg-69.png

IPFire developer Peter Müller announced today the general availability of IPFire 2.27 Core Update 172 as the latest stable release of this open-source hardened Linux firewall distribution for routers and firewalls bringing updates to VPN cryptography and updated components.

The biggest changes in this new IPFire hardened Linux firewall release are the improvements the development team added around the VPN (Virtual Private Network) implementation offered within the distribution in an attempt to future-proof VPN cryptography.

More specifically, IPFire 2.27 Core Update 172 updates the key lengths of root CA (Certificate Authority) certificates for both IPsec and OpenVPN VPN clients/peers from 2048 bit to 4096 bit RSA, due to the fact that 2048 bit encryption is no longer recommended by security experts for long-term security purposes. Also updated to 4096 bit RSA encryption is the key pair generated for IPFire’s web interface.

The OpenVPN implementation will be automatically reconfigured to use a secure Diffie-Hellman parameter so that both clients and peers can benefit from this cryptography improvement. In addition, IPFire now properly backups and reloads OpenVPN CRLs (Certificate Revocation Lists) before the VPN service is (re-)started.

Future IPFire releases promise support for post-quantum cryptography (PQC) for the IPsec VPN implementation. “There is a strong (and growing) need (for post-quantum cryptography), thanks to so-called “capture now, decrypt later” attacks endangering the confidentiality of information with long-term secrecy demand, such as biometric and health data,” explains Peter Müller.

Among other noteworthy changes, the IPFire 2.27 Core Update 172 release updates IPFire’s trust store to incorporate Mozilla’s decision to distrust the root certificates of TrustCor Systems S. DE R.L., tightens various file permissions as a defense-in-depth measure, adds a massive patchset to the Python implementation, and updates numerous core components and add-ons to their latest versions (check out the release announcement for details).

Image credits: IPFire project (edited by Marius Nestor)

Last updated 3 days ago

Source: https://news.google.com/__i/rss/rd/articles/CBMiaWh0dHBzOi8vOXRvNWxpbnV4LmNvbS9sYXRlc3QtaXBmaXJlLWhhcmRlbmVkLWxpbnV4LWZpcmV3YWxsLWRpc3Ryby1yZWxlYXNlLWZ1dHVyZS1wcm9vZnMtdnBuLWNyeXB0b2dyYXBoedIBbWh0dHBzOi8vOXRvNWxpbnV4LmNvbS9sYXRlc3QtaXBmaXJlLWhhcmRlbmVkLWxpbnV4LWZpcmV3YWxsLWRpc3Ryby1yZWxlYXNlLWZ1dHVyZS1wcm9vZnMtdnBuLWNyeXB0b2dyYXBoeS9hbXA?oc=5

VPN

npressfetimg-1255.png
VPN

What is a VPN? Can it really protect my online privacy and security? – Fox News

Privacy has never been in such short supply.  There’s one technology I’ve found essential to fighting back against big tech’s prying and spying routine.   A VPN, or virtual private network, can be a very good idea for you to secure your internet connection, and it can be an effective way for you to protect your online privacy and security.

CLICK TO G…….

Read More
npressfetimg-1182.png
VPN

How to Pick a VPN for Torrenting – How-To Geek

Favebrush/Shutterstock.com

When you pick a VPN for torrenting, you need to look out for a few key security features, like a kill switch and transparent no-log policy. Also, avoid United States-based VPN providers and servers.

If you’re going to torrent, you’re going to need a VPN to protect yourself while doing so. How do you pick a good VPN for torrenting, though, is there something …….

Read More
npressfetimg-1109.png
VPN

The best Thailand VPN in 2023 – TechRadar

Thailand isn’t just beautiful beaches, breath-taking jungles, playful monkeys and yummy Pad Thai. Something that tourists often forget is that authorities are infamous for their strong grip on the internet. That’s where the best Thailand VPN apps can come handy.

Following the 2006 military coup d’état, online censorship and surveillance have been growing year by year. Now beyond solely …….

Read More
Powered by WordPress | WP Magazine by WP Mag Plus