Sentinel View report – January 2023

In January, we encountered slightly more attackers than in December. But overall, behavior stays the same. The number of attackers per device and victims per attacker didn’t change much. Looking back at our first report, we also had about the same amount of victims per attacker but more attackers per device. The trend for the last three months is to target about 20 Turris devices on average if you are an attacker.

 

Why we improve e-mail security and why it may break message redirection

In the Turris project, we are currently improving e-mail communication security. If you use our infrastructure for sending notifications from Turris devices, it also applies to you. It strengthens your protection but may “break” the redirection of messages to another address.

Dynamic Firewall View in Sentinel View v1.1.0

You may have read some of our previous articles about Turris Sentinel and it’s companion – Sentinel View. Today we would like to share yet another cool feature that is available and that gives you even better feel how dangerous the internet really is.

uCollect is dead, long live Turris Sentinel!

If you follow what we do, you might have noticed that we recently announced the end of Turris OS 3.X. It was first released in 2016 and it was with us for quite some time. But in the end we managed to debug the migration to Turris OS 5.x and migrated everybody over. But this blog post is not about that. This post is about deprecation one of the parts, that was replaced by a newer and better system – uCollect.

Sentinel View 1.0 Release

Highly anticipated release of Sentinel Viev have come to life. It wasn’t a breeze due to issues with time-expensive database queries. The upgrade was conducted in spirit of optimizing the ever-growing database. Although Martin Prudek, the author of major changes is not part of the team, his effort left everlasting mark on the project. Another former colleague, Vojta Myslivec, have been unforgettable helping hand in regard to the database end and it’s improvement.

Turris OS 5.2 has been released

In the newly released Turris OS 5.2 version, you can find Overview after logging in to web interface reForis. It provides you easily recognized status about the activated services for automatic updates, data collection, dynamic firewall, test for Internet connectivity, speed test using Netmetr.cz, and added list of OpenVPN clients to any OpenVPN servers. Based on the community feedback, we prepared for you the requested missing features in reForis. Since this release, you can see the Storage tab, the possibility of doing a factory reset from the UI and adding a registration token to use Honeypot as a Service. Some of these features were missing from an old web interface or from the previous major version of Turris OS.

New Turris OS 5.0 version is out

We have released a new version of Turris OS 5.0. It is based on top of OpenWrt 19.07.3 with our patches and feed for all of Turris routers. In this article, we will go through new features and changes, including experimental migration from the Turris OS 3.x version. We will mention a few obstacles we faced during the development and introduce several features you can expect in future releases.

WireGuard on Turris

Now more then ever, people connect and work remotely. Everybody uses some kind of VPN, at least in the tech world. The new, trendy and cool way of doing VPNs is Wireguard. Everybody speaks about it and since March it is finally a part of Linux kernel. Its advantages are that it is setup in more straight forward way than alternatives and that it is blazingly fast.

Protecting your servers with Turris Sentinel

Little bit of history

Apart from operating .CZ top level domain, CZ.NIC does a lot of other interesting things contributing to the common good. Part of it is running Czech national CSIRT team, doing security research and raising awareness about potential security issues. As part of our security research, we started wondering a long time ago how much are the average Joes and Janes attacked, by who and how. People that are just connected to the internet, run no public service and are just consumers. If only there was some kind of probe that would allow us to see what is going on there…