Finding Zeus Bot (Zbot) with Sophos UTM

Some weeks ago one of my customers first WAN IP (used for mail-out) was listed in a spam blacklist. SMTP internet-traffic was only allowed for the mailservers and there was no deny-packet for tcp 25 in the network logs. So I thought a bot used an Outlook client for spaming but I was wrong. … Read more

Multipathing with three Interfaces

You can group WAN interfaces and configure multipathing just for this group. For example: You have three internet interfaces. One dedicated line for mail and vpn and two low-cost DSL interfaces for webtraffic:   on eth6 and eth7 I attached a ADSL modem. Now we will configure multipathing for webtraffic balanced to the new group … Read more

The Elder Scrolls Online and Sophos UTM

Three days ago I tried to download The Elder Scrolls Online Beta with the launcher but it hangs at every start. I looked at the web protection live log and saw some urls targeting to archive-files. So i filtered the following URLs for skipping “Caching / Block by download size / Antivirus / Extension blocking … Read more

Changing Network Interfaces in Sophos UTM

To change the order of the network interfaces (eth0 -> eth1) within a Sophos UTM (for example a software installation) you can edit the 70-persistent-net.rules file with the shell within /etc/udev/rules.d/. So connect to your UTM and change the file with vi: vi /etc/udev/rules.d/70-persistent-net.rules the file contains the following: # This file was automatically generated by the … Read more

Sophos UTM 9.107-33 released

Sophos has released Update 9.107-33 to the public. Here are the changelogs: Remarks: System will be rebooted Configuration will be upgraded Connected REDs will perform firmware upgrade Connected Wifi APs will perform firmware upgrade News: Update to UTM 9.107 Bugfixes: Fix [21794]: Support UTM 9 install on ASG 120 Rev4 with 2GB Memory Fix [22571]: UTM-RED … Read more

Sophos UTM 9.2 beta released!

The beta version of 9.2 is out now! Please don’t install in a live environment, only in a test environment (for example a virtual UTM): UTM 9.2 Beta ISO for Offical UTM Appliances: Size: 569MB Md5: ba7d34a0ac12486b3a1b722f7f438125 UTM 9.2 Beta ISO for Software/Virtual installations: Size: 566MB Md5: 07bb81cf4ef3327be11e5682037dd029 We also have an up2date … Read more

Securing ownCloud with Sophos UTM Webserver Protection

Hi guys! To secure your ownCloud access via Sophos UTM Webserver Protection, you will need to add your local webserver (in my case a Raspberry Pi; tutorial here) to the webserver protection module:     now we will configure a new firewall policy especially for our requirements:   I configured uploads only at the Antivirus option. … Read more

Sophos UTM 9.1 Final Release is here!

After the soft-release here comes the final release of Sophos UTM 9.1: You can update from 9.006-05 to 9.100-16. People which installed the soft-release 9.100-8 will get an email some days ago like me to update from 9.100-8 to 9.100-16:   here are the official changelogs for 9.100-16: Official Up2Date Description: Remarks * System … Read more