Chirpy

New csf v6.01

Changes: – Ensure all binaries are called with their full paths for the scheduled Server Security Check reports – Allow csf -u/-uf/--update and -c/--check when csf is disabled – Make RT_* checks IPv6 compatible – Added dns query caching for…

New csf v6.00

Changes: – Major new option – FASTSTART: This option uses IPTABLES_SAVE, IPTABLES_RESTORE and IP6TABLES_SAVE, IP6TABLES_RESTORE in two ways: 1. On a clean server reboot the entire csf iptables configuration is saved and then restored, where possible, to provide a near…

SSHD rootkit, cPanel affected

As a follow-up to the previous post, it has now been confirmed that there is an SSHD rootkit in the wild that spreads itself if you ssh from an infected server to another. The details are explained in this article…

New csf v5.79

Changes: – Modified csf error routine to store failing error in csf.error and display an instructional message – Check for libkeyutils-1.2.so.2 in LF_EXPLOIT option SSHDSPAM – Modified the Server Report proxysubdomains check on cPanel servers – Added new options CC_DENY_PORTS,…

New MailScanner Front-End v4.39

Changes: – Modified mailwatch to cater for new binary locations in cPanel v11.36+ – Reinstall Razor2::Client::Agent if running cPanel v11.36+ and not installed in the new perl /opt location – Removed long defunct “Update SpamAssasin Rule Descriptions” link from mailwatch

New csf v5.78

Changes: – Due to issues that some are experiencing with the switch from the state to the conntrack module, a new setting, USE_CONNTRACK, has been added, which is disabled by default except on servers running kernel 3.7+ where on new…

New csf v5.77

Changes: – Add an exception for the useless Virtuozzo kernels iptables implementation so that csf uses the deprecated state module instead of conntrack

New csf v5.76

Changes: – Only add the /128 IPv6 bound address per NIC instead of the whole /64 to the local IPv6 addresses – Modify SSHD and SU regexes to allow for empty hostname field in log file – Added new option…