[Info-vax] [TCPware] V5.9-2 is out

Peter 'EPLAN' LANGSTOEGER peter at langstoeger.at
Thu Jan 28 10:12:59 EST 2010 

In case you haven't noted already:

On 18-JAN-2010, PSC released TCPware V5.9-2
On 27-JAN-2010, the first 3 ECOs for V5.9-2 were released

	http://process.com/tcpip/tcpware.html
	http://process.com/tcpip/tcpfeat.html


Intrusion Prevention System (IPS)
=================================	
The IPS feature monitors network and/or system activities for malicious
or unwanted behavior and can react, in real-time, to block or prevent
those activities. TCPware SSH, FTP, SNMP, Telnet, IMAP, SMTP, and POP3
have been instrumented with IPS to monitor traffic for malicious
attacks. It is highly flexible and customizable. When an attack is
detected, pre-configured rules will block an intruder's IP address from
accessing the TCPware system, prevent an intruder from accessing a
specific application, or both. The time period that the filter is in
place is configurable. An API is provided so that TCPware customers can
incorporate the IPS functionality into their applications.

Kernel Performance Improvements
===============================	
Kernel performance has been enhanced for AXP and Itanium by eliminating
occurrences of alignment faults.

BIND 9.6.1 Server Upgrade
=========================	
This upgrade includes the following:

  * Full NSEC3 support
  * Automatic zone re-signing
  * Improved statistics reporting

SSH Upgrade
===========	
The SSH code base has been upgraded to include a number of bug fixes.

FTP RESTART Command 	
===================
This feature allows an FTP transfer (which has been interrupted) to be
restarted where the transfer left off. This applies to stream mode
transfers only (RFC 3659).

Ephemeral Port Randomization
============================
Typically ports were issued in sequential order, which poses a security
risk. There is the potential for blind attacks, which can range from
throughput-reduction to broken connections or data corruption. This
feature issues random port numbers, which makes it more difficult for
an attacker to guess a local port number and disrupt communications.

IMAP Update 	
===========
IMAP has been updated to the latest version of the University of
Washington code base.

Other Features 	
==============
  * BG devices can perform writes larger than 65535 bytes on a stream
    connection
  * TTY_PORT_BUFIO function is now supported for remote terminal devices
  * SNMP can now send SNMPv2 traps
  * TFTO supports the BLKSIZE option

-- 
Peter "EPLAN" LANGSTÖGER
Network and OpenVMS system specialist
E-mail  Peter at LANGSTOeGER.at
A-1030 VIENNA  AUSTRIA              I'm not a pessimist, I'm a realist

More information about the Info-vax mailing list