Chirpy

New cxs v4.27

Changes: Modified cxs Watch so that watches are updated/created if the alternative configuration file reload method is used; Exploit fingerprint definitions database additions; BETA: Added a local bayes corpus so that learning and forgetting can be implemented locally; BETA: Added…

Security: Chkrootkit Exploit and Fix

An exploitable security bug has been found in chkrootkit: Chkrootkit has released v0.50 to fix this issue and make improvements: This is our preferred procedure for compiling and creating a script to run chkrootkit: cd /root rm -Rfv…

New cxs v4.25

Changes: Fingerprint P0452 removed as it appears some legitimate scripts are using the same obfuscation technique commonly used in exploits; BETA: Bayes corpus size decreased by a further 28% but with increased accuracy; Exploit fingerprint definitions database additions

New cxs v4.24

Changes: BETA: Bayes corpus format improved – if you are using this feature, download the new corpus using "cxs --bget"; BETA: Bayes corpus memory footprint decreased by a further 20%; BETA: Bayes corpus loading speed improvements

New cxs v4.23

Changes: Improvements to the main decoder regex; Improvements to decoder string extraction; Fixed formatting of --qlocal documentation; BETA: New Bayes corpus generated – if you are using this feature, download the new corpus using "cxs --bget"; BETA: Bayes corpus size…

New cxs v4.22

Changes: Added option --qlocal which provides quarantine support when using mod_ruid2 by storing quarantined files within a user's account. See documentation for more information and caveats; BETA: Bayes learning improvements (speed, memory); BETA: Bayes reporting improvements (speed, memory); BETA: New…

New cxs v4.21

Changes: BETA: Bayes corpus loading speed improved by 100%; BETA: Bayes corpus memory footprint decreased by 20%; BETA: Increased minimum score size for Bayes reporting to help reduce false-positives

New cxs v4.20

Changes: New option --[no]bayes (currently in BETA). Naive Bayesian probability scanning of script files. This option uses an enhanced Naive Bayes algorithm to report a probability that a scanned script is an exploit. This is achieved through a trained corpus…

New csf v7.03

Changes: Added new option DROP_UID_LOGGING which allows UID logging to be disabled for outgoing connections. This option is enabled by default and can be disabled on OSes that do not support --log-uid; Preupgrade copy of csf.conf now created in /var/lib/csf/backup/…