Release of shadowd 2.0.1

TL;DR: There was a bug in the library jsoncpp regarding null-bytes. It was fixed a year ago, but most packet managers still ship affected versions. If a vulnerable version of the library is used it is possible to bypass shadowd 2.0.0 or earlier.


Release of shadowd 1.1.0

It is my pleasure to announce the release of shadowd 1.1.0 as well as shadowd_ui 1.1.0 of the Shadow Daemon web application firewall. This update improves the performance, attack detection and ease of use. There are five major changes:

  • A native flood protection. It is no longer necessary to use fail2ban to prevent flooding of the logs, it happens automatically now.
  • A storage queue. This removes a huge bottleneck from Shadow Daemon, the permanent storage of requests.
  • Optimizations of the database layout to improve the performance.
  • New blacklist filters/signatures to detect more attacks, e.g. shellshock, cross-site scripting, server-site includes and code evaluation.
  • An option for the whitelist rules generator to automatically unify arrays. This makes it much easier to generate rules for big web applications.

There are no new major additions, but this update does improve the overall experience a lot, so I highly recommend to apply it. Most changes are based on feedback, so keep it coming :)