|
1 |
2 |
3 |
...|
48 |
49 |
50 |
Next»
Changes:
- Added Server Check report check that klogd is running if using syslogd or that klog module is loaded if running rsyslogd
- Added Server Check report, checks for apache settings: TraceEnable, ServerSignature, ServerTokens and FileETag on cPanel servers
- Fixed ip6tables IPV6_SPI check warning for older kernels
- Added instruction to open outgoing TCP6 and UDP6 ports when using an older kernel for ip6tables
- IPv6 Final (no longer Beta)
- Added new option LT_SKIPPERMBLOCK. If LF_PERMBLOCK is enabled but you do not want this to apply to LT_POP3D/LT_IMAPD, then enable this option
- Added new option PT_USER_ACTION. If a PT_* event is triggered, then PT_USER_ACTION will be run in a child process and passed the PID(s) of the process(es)
Changes:
- Added new option --script [script] which runs an external script whenever a match is detected against a file. See documentation for more information
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
Changes:
- Significant improvements to --decode [file]
- Increased LWP timeout to cater for servers with slow connections to the license server
- Added total Viruses and Fingerprint Matches to the --mail Subject
- Added total Fingerprint Matches to the --summary
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
If you are running the version 3+ of rsyslog then you may not be logging iptables kernel logs.
This will prevent investigation of iptables block issues and the csf Port Scan Tracking feature.
You need to check /etc/rsyslog.conf and ensure that the following line appears near the top of the configuration file:
$ModLoad imklog
If you have added that line, then you must then restart rsyslogd:
service rsyslog restart
Changes:
- New option CLUSTER_MASTER which is the IP of the master node in a cluster allowed to send CLUSTER_CONFIG changes. This must be set in order to use CLUSTER_CONFIG options
- Added new Cluster CLI option --cfile (-cf) for sending a file to cluster members. The file will only be uploaded to the /etc/csf/ directory
- Added new Cluster CLI option --crestart (-crs) to initiate a restart of csf and lfd on all cluster members
- Removed CLI option -ccr, --cconfigr [name] [value] in favour of the new --crs, --crestart option
- Modified regular expressions to cater for RFC3339 date format in log files. For example, RFC3339 date format used by default in rsyslog on CentOS v5.5
Changes:
- If ftp is disabled in cPanel do not start pure-uploadscript
- New --options [E]. This option will match scripts that send out email using sendmail, exim or via SMTP. This option requires that --options [m] is also specified
- Improvement to --decode [file] variable detection
- Improvements to various eval() regex matches
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
Changes:
- Fixed bug introduced in v5.04 that omitted two outgoing DNS lookup rules that could affect servers where iptables connection tracking isn't working correctly
Changes:
- Increased PT_USERMEM default to 200 from 100 for new installations
- Fixed bug introduced in 5.04 when checking the GLOBAL_ALLOW list for report generation in lfd which caused lfd to fail in Net::CIDR::Lite
Changes:
- Updated the Server Check report IPv6 text
- Fixed ip6tables command execution in iptables firewall during startup
»
Read More
|
1 |
2 |
3 |
...|
48 |
49 |
50 |
Next»
