SINUS is an application that evaluates security potential while avoiding obscurity.
Among the many advantages of the SINUS firewall is its ease of use and free availability - making online malware protection more accessible than ever. While it cannot guarantee perfect security, its feature set offers a wide range of useful capabilities that can be tailored to suit unique concerns. For example, the firewall offers filtering of all header fields in IP, TCP, UDP, ICMP, and IGMP packets, as well as intelligent RIP and FTP support.
Other key advantages of the SINUS firewall include a user-friendly, text-based configuration interface and dynamic rules with counters and time-outs. Perhaps most notably, it also allows for extensive logging, counter intelligence, and alerting. Additionally, the system can help prevent packet and address spoofing, and is distributed under the GNU GPL license.
When installing the software, it is suggested that users opt for a Linux 2.0.x-based system that includes only necessary features, without extraneous elements that may contain vulnerabilities. Specifically, user accounts should not be installed on the firewall system, and remote log-ins should be avoided in favor of console access or an SSH protocol.
While the software has undergone rigorous testing and has been operational for 12+ months without crashes, it is still considered to be version "0.1" due to the possibility of discovering bugs over time. As such, it is not appropriate to use the software as the sole means of protecting particularly sensitive information. However, it is useful for those who seek to study firewalls or require greater security than their current systems can provide.
New features in the most recent release (0.1) of the SINUS project include user-level authentication between firewall and management interfaces, as well as Java application-based management interfaces (JDK 1.1.6) and improved detection of land attacks. Finally, the firewall now utilizes the name "sifi" (SINUS firewall) following a transition to new maintenance by Harald Weidner. The release also provides several important bug fixes, including TCP RST of established connections passing through the firewall and the resolution of segfault issues in passive FTP code.
Version 0.1: N/A