Latest info

Turris OS 4.0

Turris OS 3.8 is out!

Sept. 14, 2017

Turris OS 3.8 is here at last! It took us slightly longer to release it, but we worked hard on it and we think the wait was worth it, because 3.8 has lots of new cool features. Many thanks go to our devoted community for helping us test all the new functions – thanks for being with us!

This time the main changes and improvements include:

• Foris now gives you the option to set bandwidth limits for the Guest network.

• A new function in Foris is also the option to propagate client names into local DNS.

• One big joint step for Foris and the Updater are Delayed updates. You can have a look at how to use the Delayed updates function in our documentation.

Russian, Danish and Lithuanian community translations have been added to Foris. You can turn these languages on in the "Updater" tab in Foris …and if you would like Foris to speak your own language, consider becoming a community translator ;-)!

• Userlists changes include trimmed down dependencies.

• Suricata has been updated to a new version with more modular configuration and helper packages.

Php7 is now supported!

• A new package has been added: MariaDB.

A big new feature ...

Petya / Petrwrap ransomware attacks

June 28, 2017

The Petya / Petrwrap ransomware has been actively spreading over the last few days. It is the first major attack when we can use a new surveillance center with integrated data acquisition from the Turris routers, so let's take a look at several outputs.

Since June 22, the number of infected computers has dramatically increased, as we see in the rapid growth of honeypot records. Honeypot records indicate the number of attempted unauthorized login to "naively secure client devices" emulated by our servers. The previously quite stable level has so far been disturbed by isolated attacks, but after 22.6. The number of honeypot records increases by half and grows only moderately.

Petya Honeypot

It is also interesting to note that in the first third of June, the number of refused connections has increased significantly, indicating the number of attempts to connect to the Internet in which the counterparty did not respond. Such records are now typical of malware and ransomware that connect to the Internet on already inactive control servers or attempt to spread the Internet.

Petya attacks

From the data, we might conclude that we are moving near the peak of the Petya attack and its largest current wave (until further modification ...

Turris OS 3.7 out now!

June 26, 2017

Last few weeks, we had been working hard release of Turris OS version 3.7. It took a little bit longer time than we are used to when providing a new version. We are sorry for that. 

On our way to milestone 3.7, we fixed a lot of hidden bugs. Many of them were found by our wonderful community so this version is as good as it is thanks to all of you! Thank you very much once again and let's take a look at changes and improvements:

  • We have changed URL of Foris to /foris
  • Foris now offers simple guest Wi-Fi setup! Read how to set it up!
  • Foris now "speaks" Slovak, Polish and French. You can turn them on in "Updater" tab in Foris. If you want to teach Foris your own language, become a translator.
  • OpenVPN server in Foris now has more options
  • There is an experimental support for graphics cards (very geeky thing :D ) Let's play!
  • Parental control features are slowly growing. Experimental support for new devices detection is here!  You'll be notified about newly connected devices in Foris "Home" panel. Turn it on in "Updater" section.
  • Migration to the new updater ...

Fix of Samba security issue

May 25, 2017

Dear Turris users,

the new security issue has been discovered in samba packages from version 3.5 onwards. This issue allows the attacker to run the malicious code of his choice on the vulnerable device.

We are testing the security patch for Turris routers right now and we want to release it tomorrow.

Until that, samba users can use this workaround:

Add the parameter:

`nt pipe support = no`

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

Good to know:

  •  Please, do not open smb sharing to the Internet. Never. It is not secure.
  •  Keep automatic updates on.

You can find out more about this issue on the topic on our forum.

Next Turris? Omnia²!

April 1, 2017

Breaking news. We finally finished the blueprints for the next generation of our router, the Turris Omnia² (read: The Square Omnia). To make it cheaper, we decided to manufacture just one colour, but we believe our choice will suit everyone. 

Omnia Pink

Some feature highlights include: 

  • Dimensions: 5*4*1 microfurlongs 
  • Weight: 44PJ 
  • Builtin support for RFC 748, 1149, 1438 and 1924 
  • Log splitting support (an axe) 
  • Automatic self defence mechanism (an axe) 

Stay tuned for more information!