Turris Security report 2022/12

Jan. 16, 2023

We are running a network of security probes that are collecting data about attacks ranging from simple port scans to actual attempts to break into systems. We use this data to filter addresses on the Dynamic Firewall and protect our Turris routers. We also display various statistics in real-time on our Sentinel View. Apart from that, we publish this monthly newsletter with statistics that are more complex to compute, and we are taking this opportunity to put the data we have collected into perspective.

In December, we saw attacks rise globally. It could be related to the holiday season when hobbyists joined the usual group. What seems odd is that attackers are testing more sophisticated passwords lately. We dug into our data deeper regarding passwords like 68ktW79z1U. We suspected that it might be just one device that acted out or one attacker that got an unusual wordlist. However, the password had been recorded by multiple routers, and attacks came from multiple IP addresses. What is more, the IP addresses even span multiple countries and continents. So, it seems like a regular attack after all.

There is also a spike in the popularity of previously not so abused ports, …

Celebrating 10 years of Turris

Nov. 2, 2022

The original idea of the Turris router was born 10 years ago. The idea of open-source and security focused router that respects your freedom. Over the years, Turris found it's way to various parts of the world as well to the hearts of their users. And that calls for a celebration.

To mark the occasion, we created a limited edition of our signature router - Turris Omnia. It comes in various custom designs, even in the camo design. You can get it in our on-line shop.

Not looking only in the past, but also into the future, we are introducing refresh of our existing devices. We have MOX upgraded to Wi-Fi 6 as well as Omnia. We even made an upgrade kit for Turris MOX, so you can upgrade your existing device to the new Wi-Fi standard by yourself!

Thank you for all your support over the years and we hope to keep you happy and enthusiastic about open-source and security!

Your Turris team

Turris OS 5.4 has been released

Aug. 9, 2022

This release brings less fixes and new features than other minor releases like 5.3 because we are dedicating more time to bringing you Turris OS 6.0 as soon as possible.

PHP 7.4

PHP packages have been updated to version 7.4. If you are not using your own custom php applications or scripts, this shouldn't be an issue for you. If you are using it, there is a small chance that you are using functionality that changes with this update.

Nextcloud 21

* performance improvements
* new collaborative application Whiteboard

For more information about this update, visit the announcement on the Nextcloud blog.

Fixed ReForis session handling when time is wrong

Previously, if the RTC battery was not working and the router was not connected to Internet to get the correct date with NTP, the browser was rejecting cookies with an old date from ReForis which resulted in unpredictable behaviour. Now this is fixed, but replacing your RTC battery if it's not in a good shape is still a good idea. You can find where the RTC battery is on your model in the documentation in the Hardware section.

This fix was contributed by a community member László Várady. Thank …

TurrisTech attends InstallFest 2022 in Prague

June 9, 2022

This weekend, the TurrisTech team will be attending InstallFest 2022. Visit our TurrisTech booth, hang out with the developers, and check out the technical news. On Saturday at 2:30 pm, learn about Local Area Network Security (not only) with Turris with Michal Hrušecký in the Track I lecture hall. On Sunday, developer Josef Schlehofer will talk about "Open-source Turris routers in 2022" at 2 pm in the Track I room. We'll show you what we've been working on in the past year and what you can look forward to this year (Turris OS 6.0, etc.) We look forward to seeing you.

Sentinel View 1.0 Release

March 23, 2022

Sentinel View 1.0 Release

Highly anticipated release of Sentinel Viev have come to life. It wasn’t a breeze due to issues with time-expensive database queries. The upgrade was conducted in spirit of optimizing the ever-growing database. Although Martin Prudek, the author of major changes is not part of the team, his effort left everlasting mark on the project. Another former colleague, Vojta Myslivec, have been unforgettable helping hand in regard to the database end and it’s improvement.

 

Figure 1: sentinel

 

What is the Sentinel View

It is our pleasure to provide the data that flow to our database as part of Sentinel project. That is what the Sentinel View is made for. It is able to provide Turris users with data collected specifically on their device or from devices that run Sentinel instance all over the world.

  • new responsive front-end

  • option to filter data on passed intervals

  • basic categories upgrade and more data

  • My Device page

  • caching, aggregation (on back-end)

New data, new appearance

The look of Sentinel View have been upgraded. Not only that it looks way better but also behaves responsive, improves small screen menu and provides better table view on mobile screen.

 

Figure 2 …

Heise Online: "Open-Source-Adventskalender: Turris-Router, sichere Schaltzentrale im Heimnetz."

Dec. 23, 2021

https://www.heise.de/news/Open-Source-Adventskalender-Turris-Router-sichere-Schaltzentrale-im-Heimnetz-6305501.html

Quelloffene Software ist gut; wenn sie auf offener Hardware läuft, ist das noch besser. Das dachte wohl auch das experimentierfreudige Entwicklerteam bei der tschechischen Registry cz.nic vor acht Jahren und begann damit, am Design eines eigenen Heimrouters zu arbeiten, gebaut in der Tschechischen Republik und bestückt mit OpenWrt, einer für CPE Router (oder andere embedded sytems) entwickelten Linux Distribution. So entstand das Erfolgsprojekt Turris.

Das ursprüngliche Motiv für das Projekt war mehr Sicherheit für Heimnetze durch eine verteilte Firewall. Nur war auf dem Markt kein Heimrouter zu finden, mit dem sich die cz.nic-Idee sicher realisieren ließ und der zugleich die längst bekannten sicheren Standards IPv6 und DNSSEC unterstützten. Daher bauten sie den ersten kleinen Turris, gewissermaßen eine Hardware-Probe, und gab ihn an cz-Nic-Nutzer aus, die interessiert waren. Der kleine blaue Turris wurde die Keimzelle des späteren Turris Omnia.

 

 

TurrisTech at OpenAlt Online Conference 2021

Nov. 4, 2021

OpenAlt conference 2021

The year has come and gone, and there is a lot of news in the Turris project again. New hardware is coming, but the software is not lagging behind either. We are migrating old routers to the new Turris OS and working on migrating to the new OpenWrt. We also have news on router security features. Whether it's features available directly on the router or our Turris Sentinel security software.

Conference OpenAlt is available on the link https://lnkd.in/dUDkKn_Z

Invitation to the Internet and Technology Conference (21.2) 10 November 2021 in Prague

Oct. 26, 2021

The CZ.NIC Association, the Czech national domain administrator, is organizing the Internet and Technology (21.2) conference, which will take place on 10 November 2021 at the Grandior Hotel in Prague. This traditional event will be held in person. The presentations will mainly cover news in the key projects of the association over the past year. However, the topics of security and internet regulation will not be left out. Visit the Turris project stand. Stop by and talk to our developers.

You can sign up to participate on the conference page.
We look forward to seeing you

Your Turris team

TurrisTech at FrOSCon 2021

Aug. 19, 2021

Meet TurrisTech at FrOSCon 2021 Cloud-Edition (online event)

Watch our SW developer Martin Prudek speaking on the topic of "Turris Sentinel: Choosing the right database":

https://lnkd.in/d9R69jqP

Day: 22.08.2021
Start time: 14:30
Duration: 01:00
Room: HS4

In his own words:

"Turris Sentinel is a network security oriented project maintaining a network of HoneyPot-like probes running on Turris routers. In the last few years we developed an OpenSource framework for DataProcessing and explored several message queuing and storage technologies which powers our data processing pipelines. In this lecture I would like to talk about our experiences with Redis, InfluxDB and PostgreSQL databases - their pros and cons and their position in the ecosystem."