Chirpy

New cxs v2.88

Changes: – Include gzdecode() detection for PHP scripts – Switched from using LWP to HTTP::Tiny to reduce memory footprint and reliance on the LWP Perl module. The HTTP::Tiny module is included in the distribution, so no further action is necessary…

New csf v6.03

Changes: – Switched from using LWP to HTTP::Tiny to reduce memory footprint and reliance on the LWP Perl module. The HTTP::Tiny module is included in the distribution, so no further action is necessary – Modified lfd Perl module loading to…

New csf v6.02

Changes: – Modify MESSENGER HTML header to return code 403 instead of 200 – Modify UI daemon to fall back to IPv4 if IPV6 setting is not enabled – Added new options LF_SYMLINK and LF_SYMLINK_PERM. This feature enables detection of repeated…

New cxs v2.87

Changes: – Improvements to the main decoder regex – Reverted to using temporary files during PHP file decoding due to a major bug in PHP v5.4.* which produces “Ran out of opcode space!” in interactive mode – Exploit regex definitions…

New csf v6.01

Changes: – Ensure all binaries are called with their full paths for the scheduled Server Security Check reports – Allow csf -u/-uf/--update and -c/--check when csf is disabled – Make RT_* checks IPv6 compatible – Added DNS query caching for…

New csf v6.00

Changes: – Major new option – FASTSTART: This option uses IPTABLES_SAVE, IPTABLES_RESTORE and IP6TABLES_SAVE, IP6TABLES_RESTORE in two ways: 1. On a clean server reboot the entire csf iptables configuration is saved and then restored, where possible, to provide a near…

SSHD rootkit, cPanel affected

As a follow-up to the previous post, it has now been confirmed that there is an SSHD rootkit in the wild that spreads itself if you ssh from an infected server to another. The details are explained in this article…