These OS projects all relate to IT security and include Exiscan, Netfilter, and Super FreeS/WAN.
“By sponsoring these important Linux projects, Astaro is pleased to give back and do its share in supporting this important community,” said Markus Hennig, CTO of Astaro Corp. “We are not only sponsoring these projects financially, but are working close with the project leaders and maintainers to support them in their needs. For example, Astaro is sponsoring conferences and workshops such as the Netfilter developer workshop 2003, in Budapest. Beside these major projects, we work actively within the community on various mailinglists and news sites and of course sending patches and enhancements back. We look forward to continue our sponsoring and support of open source projects.”
Exiscan (http://duncanthrax.net/exiscan-acl/)
Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public License. Although similar to Sendmail, Exim is more general and more flexible in terms of routing email and checking for incoming email. Exim can replace Sendmail, although the configuration of Exim is quite different to that of Sendmail.
According to Tom Kistner, Astaro software engineer, Exiscan is an email content scanner patch for the Exim MTA. Exiscan is a patch against Exim version 4, providing support for content scanning in email messages received by Exim. It works after the sending client has completed the SMTP data phase and waits for an answer from the server. Messages containing unwanted content can be rejected at that stage, so the job of generating a bounce message is the job of the sending host. Four different scanning facilities are supported: antivirus, antispam, regular expressions, and file extensions.
Tom Kistner recently delivered a lecture on the Exiscan project at Robinson College, Cambridge, UK.
Netfilter (http://www.netfilter.org)
Astaro is also supporting Harald Welte on his work for the Netfilter/iptables project. Harald Welte is one of the five Netfilter/iptables core team members, and the current Linux 2.4.x firewalling maintainer.
The Netfilter/iptables project is the Linux 2.4.x / 2.5.x firewalling subsystem that delivers the functionality of packet filtering (stateless or stateful), all different kinds of NAT (Network Address Translation) and packet mangling.
For Linux systems (Kernel 2.4.x or above) running on a router, Netfilter/iptables can be used for all kinds of firewalling, NAT or other advanced packet processing.
The major part of netfilter/iptables is included in the standard Linux Kernel.
Super FreeS/WAN (http://www.freeswan.ca/)
Astaro is also supporting Super FreeS/WAN, a largely patched up version of FreeS/WAN with support for all sorts of addtional features that aren’t considered mainline, or haven’t been tested enough for the FreeS/WAN developers to accept into the mainline branch. FreeS/WAN provides IPSEC (IP Security, which is both encryption and authentication) kernel extensions and an IKE (Internet Key Exchange, keying and encrypted routing daemon) as well as various RC scripts and documentation. It is known to interoperate with other IPSEC and IKE systems already deployed by vendors such as OpenBSD, Cisco, or Check Point. It also features Opportunistic Encryption, subnet extrusion, and with the appropriate patches interops nicely with Microsoft Windows XP/2000 using X.509 certificates.
About Astaro
Founded 2000 in Karlsruhe, Germany and now co-headquartered there and in Burlington, MA, Astaro is the provider of Astaro Security Linux, one of the most effective, reliable and affordable perimeter security products available. With more than 10,000 installations in over 60 countries, including organizations as EDS, Los Alamos National Labs and Stanford University, its solution integrates firewall, VPN , content filtering, anti-spam, URL filtering and virus protection on a single, rapidly configured, automatically updated “software appliance.” Astaro builds its products on cutting-edge Open Source software.”
