Turris OS 7 is finally out!

It took us really long time to release Turris OS 7.0, but it is finally out now. The only change in this release is a switch to a newer OpenWrt – namely 22.03. We are not introducing any new features (although we are for the first time using “Staging Updates“). We are even sticking with iptables for now, although upstream has moved towards nftables. All that to minimize impact on our users and provide smooth update experience. That was also part of the reason why it took so long. We tested it over and over again, fixed the issues we found and started with the tests from scratch again. Sometimes we found our feature not working, sometimes we encountered some problems with state of the upstream distribution we had to help to fix. But finally we got into state where we could release it and we did exactly that.

Sentinel View report – November 2023

Iran decreased its efforts, and for a change, most active attackers occupying all top three positions are from Romania. There is a new interesting IP that emerged last month, and that is an attacker from Panama. Small port scans for port 53 were at their record this month; we could not help but dig deeper. For more information: Sentinel View report – November 2023.

Sentinel View report – October 2023

An interesting dynamic is happening at the top of the attackers’ chart. First of all, Iranian attacks were overshadowed by other countries to the degree that we no longer see them in higher positions. To mention the current top four most significant, we would highlight Romania, Germany, Bulgaria, and the Netherlands. There had been consistent attacks from Germany that came into prominence about the 4th of October and then slowly started to disappear on the 16th until the final dissolution on the 18th of October. The graph line for German attacks looks very stable and consistent. On the other hand, Romania’s malicious activity, which took the top of the charts, looked erratic and unorganized in the graph. To the degree that Sentinel View graphs in the Incidents section, except for Top countries by recorded incidents, are rendered almost useless.

Sentinel View report – September 2023

On the first pages of the Report, we can see that September numbers are very comparable to August data. Iran-based attackers moved away from top charts, and we see that addresses from the United States now take the lead in the HTTP minipot incidents records.

Sentinel View report – August 2023

Minipot attacks decreased by nearly a half from the preceding month in August. The subnet 46.148.40.0/24 members were not so active last month, and we can see addresses from other countries emerging at the top of the table. Notable mentions go to some European countries, namely Germany and Romania, who got back into the spotlight.

Sentinel View report – May 2023

The overall count for total incidents dropped by 100 million. Sounds like a lot, but given the number of attacks we recorded (1.6 billion), it is just less than 10% decrease. Still significant, but not as shocking as hundred millions sounds. The results for minipot traps have not changed significantly from previous month, it seems the attackers are pretty consistent in regards to what services interest them the most.