Collax Server Update 7.2.28 - Intrusion Prevention and Security-Fixes
23.04.2024
Intrusion prevention, two-factor authentication, security and bug fixes
There was a lot of excitement shortly after Easter. There were reports that SSH, probably the most important administration tool, had a backdoor. It looks like a secret service is behind the operation. As the manipulations were discovered early on, the damage is limited. Our products are not affected for several reasons. You can find out what these are here: https://www.collax.com/blog/hintertuer-ssh/
Nevertheless, we cannot sit back and relax now. Other security vulnerabilities have been made public and will be closed with this update. We have also expanded the intrusion detection and prevention system to include another detection. If multiple attempts are made to establish a connection to an unused port, the IP address can be automatically blocked by the firewall.
Further information and details can be found in the Release-Notes of each product.