Changes:

- Added new advanced PHP decoders for --decode ([D])

- Change main cxs Watch process name during startup while still starting

- Exploit regex definitions database additions

- Exploit fingerprint definitions database additions

 

Changes:

- Only log Log Scanner in lfd.log if DEBUG set to 2 to allow empty reports if monitoring lfd.log

- Added new option LF_BOGON_SKIP. If you don't want BOGON rules applied to specific NICs, then list them in a comma separated list

- Added new option LF_CONSOLE_EMAIL_ALERT which will send an email if there is a root login to the server console. This is enabled by default

• Added two new advanced PHP decoders for --decode ([D])


• Exploit regex definitions database additions


• Exploit fingerprint definitions database additions

• New feature - Log Scanner. This feature will send out an email summary of the log lines of each log listed in /etc/csf/csf.logfiles. All lines will be reported unless they match a regular expression in /etc/csf/csf.logignore


• Set LWP::UserAgent agent to "csf/[version]" instead of the default

• Modification to quarantine to ensure unique filenames


• Exploit regex definitions database additions


• Exploit fingerprint definitions database additions

• Modified to remove cPanel process limits when run


• Modified from using backticks to open3


• Removed use of wget binary

• Fixed version module error in cPanel log


• cPanel v11.28+ now a requirement

• Changes "no_message_logs" to "message_logs = false" for exim.conf so that the new cPanel v11.32 exim configuration editor doesn't complain


• New Mailscanner v4.84.3:
  http://www.mailscanner.info/ChangeLog

• Include new MailWatch database creation SQL to cope with changes in MySQL v5.5 which are not backwards compatible

• Added new --ignore [file] option pscript: - regex of web script to ignore


• Set --options [P] ftp timeout to 10 seconds


• Exploit regex definitions database additions


• Exploit fingerprint definitions database additions