Zeroshell

The topic of this article may not meet Wikipedia's general notability guideline. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Zeroshell" – news · newspapers · books · scholar · JSTOR (November 2024) (Learn how and when to remove this message)

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Zeroshell" – news · newspapers · books · scholar · JSTOR (June 2018) (Learn how and when to remove this message)

Zeroshell

Developer	Fulvio Ricciardi
OS family	Linux (Unix-like)
Working state	Discontinued
Source model	Open source
Initial release	June 2006; 18 years ago (2006-06)
Final release	3.9.5 / 16 January 2021; 3 years ago (2021-01-16)
Platforms	IA-32, x86-64, ARM
Kernel type	Monolithic
License	GNU GPL
Official website	www.zeroshell.org

Zeroshell is a small open-source Linux distribution for servers and embedded systems which aims to provide network services.^[1][2] Its administration relies on a web-based graphical interface; no shell is needed to administer and configure it. Zeroshell is available as Live CD and CompactFlash images, and VMware virtual machines.

Zeroshell can be installed on any IA-32 computer with almost any Ethernet interface. It can also be installed on most embedded devices and single-board computers such as Raspberry Pi and Orange Pi.^[3]

The project reached EOL in April of 2021 with the version 3.9.5.^[4] There are several known vulnerabilities for various versions of this software: V2, V3.6x up to V3.7, V3.9.0, V3.9.3 and last V3.9.5 for example,^[5] allowing an attacker to e.g. gain root access to the device easily. The main attack vector is the cgi script in use, 'kerbynet'.

• RADIUS server which is able to provide strong authentication for the Wireless clients by using IEEE 802.1X and Wi-Fi Protected Access (WPA/WPA2) protocols
• Captive portal for network authentication in the HotSpots by using a web browser. The credentials can be verified against a Radius server, a Kerberos 5 KDC (such as Active Directory KDC)
• Netfilter – Firewall, Packet Filter and Stateful Packet Inspection (SPI), Layer 7 filter to block or shape the connections generated by Peer to Peer clients
• Linux network scheduler – control maximum bandwidth, the guaranteed bandwidth and the priority of some types of traffic such as VoIP and peer-to-peer
• VPN host-to-LAN and LAN-to-LAN with the IPSec/L2TP and OpenVPN protocols
• Routing and Bridging capabilities with VLAN IEEE 802.1Q support
• Multizone DNS (Domain name system) server
• Multi subnet DHCP server
• PPPoE client for connection to the WAN (Wide area network) via ADSL, DSL and cable lines
• Dynamic DNS client updater for DynDNS
• NTP (Network Time Protocol) client and server
• Syslog server for receiving and cataloging the system logs produced by the remote hosts
• Kerberos 5 authentication
• LDAP server
• X.509 certification authority

• List of router and firewall distributions

• Official website
• Zeroshell at DistroWatch