Zeroshell
Zeroshell is a small Linux distribution for servers and embedded systems which aims to provide network services. As its name implies, its administration relies on a web based graphical interface. There is no need to use a shell to administer and configure it.

Zeroshell is available as Live CD and CompactFlash images, and VMware virtual machines.

Selected Features

  • RADIUS server which is able to provide strong authentication for the Wireless clients by using IEEE 802.1X and Wi-Fi Protected Access (WPA/WPA2) protocols;

  • Captive portal for network authentication in the HotSpots by using a web browser. The credentials can be verified against a Radius server, a Kerberos 5 KDC (such as Active Directory KDC);

  • Quality of Service and traffic shaping management to control the maximum bandwidth, the guaranteed bandwidth and the priority of some types of traffic such as VoIP and Peer-to-peer;

  • VPN host-to-LAN and LAN-to-LAN with the IPSec/L2TP and OpenVPN protocols;

  • Routing and Bridging capabilities with VLAN IEEE 802.1Q support;

  • Firewall Packet Filter and Stateful Packet Inspection (SPI);

  • Layer 7 filter to block or shape the connections generated by Peer to Peer clients;

  • TCP and UDP (User Datagram Protocol) virtual servers (Port Forwarding);

  • Multizone DNS (Domain name system) server;

  • Multi subnet DHCP server;

  • PPPoE client for connection to the WAN (Wide area network) via ADSL, DSL and cable lines;

  • Dynamic DNS client updater for DynDNS;

  • NTP (Network Time Protocol) client and server;

  • Syslog server for receiving and cataloging the system logs produced by the remote hosts;

  • Kerberos 5 authentication;

  • LDAP server;

  • X.509 certification authority.

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 