Flawed IPS update cripples Astaro firewall
In the early hours this morning (Friday), a flawed signature update for the firewalls of Astaro's intrusion prevention system (IPS) caused massive problems on users' systems. Readers reported that the Astaro gateway assigns new IP addresses to the system (itself and clients) and is no longer readily accessible via the network. This also causes disruption to users' internet connections.
Astaro recommend disabling the intrusion detection system as a temporary workaround. Astaro has released instructions detailing how to return affected systems to normal service. The vendor's server now offers a corrected IPS signature file. Astaro founder Gert Hansen has apologised for the incident and announced plans for an investigation into how the flawed signature update managed to slip through quality control.
In addition to the flawed IPS signature update, Astaro say that they also deployed a flawed signature update for the anti-virus scanner. This caused web proxies and email filters to malfunction if the "Dual Anti Virus Scanning" option was enabled. The vendor has since deployed a corrected signature update.
See also:
- Important Update Notification: For End Users and Channel Partners using Astaro Products, advisory from Astaro.
(crve)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
