The Horatio system is a firewall authentication tool. The premise: legitimate users want to attach laptops and other mobile hosts to the network, but security demands that illegitimate users be prevented from accessing the internal, secure network and from abusing the general Internet. The approach taken by Horatio is to provide a separate, untrusted network that only connects to the internal network (and thus to the Internet) through a firewall that by default does not pass any traffic. When a legitimate user connects his or her host, it is assigned an address by a DHCP server (such as dhcpd), but is unable to contact anything outside the untrusted network. The user must point a Web browser at the Horatio web server, which runs on the firewall machine, and provide a username and password. Once the username and password have been validated, the firewall rules are modified to allow the host access to the rest of the network.
|Tags||Networking Firewalls Security|
|Operating Systems||POSIX Linux|
Release Notes: The logging information now mentions whether a login request came in through HTTP or HTTPS. A timeout was added to the HTTPS daemon options, in the hopes that it will take care of the hanging daemon problem.
Release Notes: The bug causing the HTTPS server to hang may have been squashed.
No changes have been submitted for this release.