NetSQUID
Current Version: 1.4.2 - Released 8.10.2004





Updates / Fixes
New Features
Drawing Board
Issues
Known Problems

Updates / Fixes

  • Can specify what HTTP servers to always redirect (Stable only) - 8.10.2004
  • Cleaned/Fixed http code (allows multiple http servers through) - 8.9.2004
  • Cleaned up snort_conf / snort_flags logic - 8.9.2004
  • Cleaned up debug printing - 8.9.2004
  • Fixed restart handling of config file - flags when daemon restarted - 8.9.2004
  • Fixed adding of previously blocked hosts - 8.9.2004
  • Broke some of the DNS stuff - _Stable_ - 7.22.2004
  • Fixed a problem when using multiple DNS servers in the .config file. - _Stable_ - _Working_ - 7.15.2004
  • I think I got rid of all the old 'mbd' stuff, so now everything should have 'netsquid' in it - 6.30.2004
  • More code cleanup in both versions, fixed a small bug in the dhcpemail stuff - 6.29.2004
  • Reworked block on classification, should be a bit faster - 6.29.2004
  • Documentation available here
  • Fixed/Recreated install shell script - 6.10.2004
  • Lots of code cleanup, and fixed a few more minor problems - _Stable_ - 6.10.2004
  • Code cleanup, and fixed a few minor problems - _Stable_ - 6.3.2004
  • Fixed potential Deadlock/timing issues in - _Working_ - 5.19.2004
  • Fixed potential Deadlock/timing issues in - _Stable_ - 5.18.2004
  • Fixed a bug if alertfile isn't specified in the .config - _Stable_ - _Working_ - 5.18.2004

New Features

  • Added allowing of port 443 when blocked - _Working_ - 8.9.2004
  • Added ability to redirect HTTPS and/or HTTP as well as not allow any udp/tcp port 53 traffic through - _Working_ - 8.9.2004
  • Automatically put specified DNS servers and HTTP server in the exclude list - both - 8.3.2004
  • Allow for an HTTP server passthrough (IP based) - both - 8.3.2004
  • Dump state and restart on SIGUSR1 - both - 6.29.2004
  • Classification based blocking - _Stable_ - 6.10.2004
  • Exclude List - Network (CIDR) support - _Stable_ - 6.10.2004
  • Added another config option - _Stable_ - 6.10.2004
  • Changed the timing mechanism (how host time is tracked) - _Stable_ - 5.18.2004
  • Added more config options - _Stable_ - 5.18.2004
    • - _Working_ - 5.18.2004
  • Exclude List - Network (CIDR) support - _Working_ - 4.28.2004
  • WinPopUp Support - _Working_ - 4.23.2004
  • Classification based blocking _Working_ - 4.22.2004
  • Syslog support

Drawing Board

  • Preprocessor support - Now in _Working_ (again) 7.5.2004
  • Perhaps a downloadable ISO image
  • Port to C/C++
  • Override blocking time by rule config
  • User configurable FW rules
  • Able to block/recognize on preprocessor alerts,specifically. This is already done w/the default block on all alerts. - In progress - 6.8.2004
The above is really contingent on our need here as well as the 'need' of the 'community' etc... so let us know what you think.

Issues

  • WinPopUp alerting and Classification based blocking may cause some slowdown to the system when it is under a heavy alert load. WinPopUp alerting is more 'slower' at this point.

Known Problems

  • If a host has a web based worm, it could cause the webserver to be bogged down with requests. - Addresssed - some of this can be mitigated by not redirecting http or https traffic (option in _Working_)


netsquid@net.tamu.edu
Last Update: 10/21/2004
Updated: NetSQUID
NetSQUID