Chirpy

Chirpy

  • Joined: 25th June 2013
  • Articles: 1502

New csf v6.45

Changes: Modified LF_SCRIPT_ALERT to only report detected lines Modified Server Check for sshd_config port to be case-insensitive Modified PORTS_sshd check of sshd_config port to be case-insensitive HTTP::Tiny upgraded to v0.042 Reverse sort temp bans in UI  

New cxs v4.17

Changes: Unsupported option –YSKIPWMAIL added. Using this, If –options [W] or –options [wW] is triggered, then the directory will be chmod as normal but no email will be sent. If any other option is triggered for the same scan, the…

New csf v6.44

Changes: File globbing is now allowed for logs listed in csf.logfiles and csf.syslogs Added Server Reports recommendation for CloudLinux if running CentOS or RedHat Added Server Reports CloudLinux security feature checks Modified Server Report check for dovecot v2 Updated Server…

cxs False-positive: [P0388]

You may see a false-positive in cxs after a recent release of fingerprint detections: # Known exploit = [Fingerprint Match] [PHP Exploit [P0388]] To remove the false-positive, run the following: rm -fv cxs -U Our apologies for any confusion…

New csf v6.43

Changes: Modified RESTRICT_SYSLOG_GROUP to always include /dev/log and /usr/share/cagefs-skeleton/dev/log, if a socket, if syslog/rsyslog process is not found and also to cater for systems using systemd (e.g. Fedora, RHEL v7, etc) RESTRICT_SYSLOG_GROUP taken out of BETA as it appears stable…

New cxs v4.16

Changes: Updated POD to reflect –[no]fallback being disabled by default Changed default value of –Wsymlinkmax to 1000 Changed default value of –Wsymlinksec to 10 Added performance note about using –Wsymlink [script] to POD Modified cxswatch restart routine to run …

New csf v6.42

Changes: New BETA option RESTRICT_SYSLOG_GROUP. This has been added for a new RESTRICT_SYSLOG option “3” which restricts write access to the syslog/rsyslog unix socket(s). See csf.conf and the new file for more information Those running our MailScanner implementation, you…