CrazyM
August 9th, 2004, 12:44 AM
"Montreal, August 4th 2004 - New Releases:
- CHX™ Packet Filter 2.8.1
- CHX™ Remote Management Console 1.5
- CHX™ NAT 1.2.1
- CHX™ Security Toolkit 2.8.1
What's New
Stateful options:
- Incoming/outgoing passive FTP support.
- Limit number of incoming/outgoing connections from a single host.
- Limit the number of half-open connections from a single host.
- ICMP pseudo-stateful inspection.
IP/Port Lists:
- Export/Import of lists.
- Import lists from ASCII files: CIDR bit/netmask/dotted decimal notation.
Logs:
- View log events by direction and/or type.
- Changed log reason for events generated by Allow rules to: "Does Not Match Allow Policy."
- Added corresponding log event reasons for the new stateful features.
- Added event viewer logging of remote authentication attempts.
CHX State Table application:
- View/Sort TCP/UDP/ICMP double state tables.
- View packet flow related details.
- View total number of entries.
- Fine tune state transition timeouts.
- Export state tables.
General:
- Local MMC Password protection.
BUG FIXES:
Packet Filter:
- Stateful mechanism was dropping packets with "Invalid Ack" when using IPSEC. This was caused by an incorect IP datagram length in the IP header received from TCP for incoming packets.
- Filter GUID for "Log only" filters was not always properly set.
- Corrected timeouts calculation. (based on the time elapsed from reboot as opposed to system time).
NAT:
- Corrected NAT behavior when checksum offloading is enabled (ex. on 3Com cards.)
- Added ICMP Type pairs 35-36, 37-38 to ICMP NATEntry table.
- Fixed incorrect Import NAT rules."
For full details: http://www.idrci.net/idrci_home.htm
Regards,
CrazyM
- CHX™ Packet Filter 2.8.1
- CHX™ Remote Management Console 1.5
- CHX™ NAT 1.2.1
- CHX™ Security Toolkit 2.8.1
What's New
Stateful options:
- Incoming/outgoing passive FTP support.
- Limit number of incoming/outgoing connections from a single host.
- Limit the number of half-open connections from a single host.
- ICMP pseudo-stateful inspection.
IP/Port Lists:
- Export/Import of lists.
- Import lists from ASCII files: CIDR bit/netmask/dotted decimal notation.
Logs:
- View log events by direction and/or type.
- Changed log reason for events generated by Allow rules to: "Does Not Match Allow Policy."
- Added corresponding log event reasons for the new stateful features.
- Added event viewer logging of remote authentication attempts.
CHX State Table application:
- View/Sort TCP/UDP/ICMP double state tables.
- View packet flow related details.
- View total number of entries.
- Fine tune state transition timeouts.
- Export state tables.
General:
- Local MMC Password protection.
BUG FIXES:
Packet Filter:
- Stateful mechanism was dropping packets with "Invalid Ack" when using IPSEC. This was caused by an incorect IP datagram length in the IP header received from TCP for incoming packets.
- Filter GUID for "Log only" filters was not always properly set.
- Corrected timeouts calculation. (based on the time elapsed from reboot as opposed to system time).
NAT:
- Corrected NAT behavior when checksum offloading is enabled (ex. on 3Com cards.)
- Added ICMP Type pairs 35-36, 37-38 to ICMP NATEntry table.
- Fixed incorrect Import NAT rules."
For full details: http://www.idrci.net/idrci_home.htm
Regards,
CrazyM