Zeroshell Explained

Zeroshell is a small open-source Linux distribution for servers and embedded systems which aims to provide network services.^{[1] [2]} Its administration relies on a web-based graphical interface; no shell is needed to administer and configure it. Zeroshell is available as Live CD and CompactFlash images, and VMware virtual machines.

Zeroshell can be installed on any IA-32 computer with almost any Ethernet interface. It can also be installed on most embedded devices and single-board computers such as Raspberry Pi and Orange Pi.^[3]

The project reached EOL in April of 2021 with the version 3.9.5.^[4] There are several known vulnerabilities for various versions of this software: V2, V3.6x up to V3.7, V3.9.0, V3.9.3 and last V3.9.5 for example,^[5] allowing an attacker to e.g. gain root access to the device easily. The main attack vector is the cgi script in use, 'kerbynet'.

Selected features

• RADIUS server which is able to provide strong authentication for the Wireless clients by using IEEE 802.1X and Wi-Fi Protected Access (WPA/WPA2) protocols
• Captive portal for network authentication in the HotSpots by using a web browser. The credentials can be verified against a Radius server, a Kerberos 5 KDC (such as Active Directory KDC)
• Netfilter – Firewall, Packet Filter and Stateful Packet Inspection (SPI), Layer 7 filter to block or shape the connections generated by Peer to Peer clients
• Linux network scheduler – control maximum bandwidth, the guaranteed bandwidth and the priority of some types of traffic such as VoIP and peer-to-peer
• VPN host-to-LAN and LAN-to-LAN with the IPSec/L2TP and OpenVPN protocols
• Routing and Bridging capabilities with VLAN IEEE 802.1Q support
• Multizone DNS (Domain name system) server
• Multi subnet DHCP server
• PPPoE client for connection to the WAN (Wide area network) via ADSL, DSL and cable lines
• Dynamic DNS client updater for DynDNS
• NTP (Network Time Protocol) client and server
• Syslog server for receiving and cataloging the system logs produced by the remote hosts
• Kerberos 5 authentication
• LDAP server
• X.509 certification authority

See also

• List of router and firewall distributions

Notes and References

1. http://linuxbsdos.com/2008/04/14/zeroshell/ Zeroshell | LinuxBSDos.com
2. https://www.techradar.com/news/13-weird-and-wonderful-niche-linux-distros-of-2017 13 weird and wonderful niche Linux distros of 2018 | TechRadar
3. https://zeroshell.org/hw/ Supported Hardware - Zeroshell Linux Router
4. Web site: Zeroshell End of Life. 18 April 2021.
5. Web site: CVE Details, List of security vulnerabilities ZeroShell. 17 June 2022.