Server Software and Configuration Services
New cxs v2.50
Changes:
– Improvements to the Fingerprint Matching system
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
General
New csf v5.47
Changes:
– Improvements to non-core perl module loading
– Improvements to PT_LOAD Apache Status retrieval and messages
– Regex modifications to cater for Dovecot v2.1+
– On cPanel servers, block additional ports that exim uses in the WHM > Service Manager for RT_*_BLOCK
New cxs v2.49
Changes:
– Use temporary files when performing a virus scan during –decode ([D])
– Change all clamd STREAM to SCAN scanning
– Use a robust routine for creating random temporary files during –options [Z] (scanning within archives)
– Exploit fingerprint definitions database additions
New cxs v2.48
Changes:
– Allow a value of 0 for –Wrefresh which disables the functionality in the cxs Watch daemon
– Added new advanced PHP decoder for –decode ([D])
– Stop cxs Watch from following symlinks
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
New csf v5.46
Changes:
– Modified upgrade warning for integrated UI to not use the DA warning text
– Validate local IP addresses
– Only check local IPv6 addresses if IPV6 is enabled in config
– Separate IPv4 from IPv6 ignore CIDRs due to Net::CIDR::Lite restrictions
– Improvements to ignore files IP address validation
– Add server check for PHP v5.2.* to the obsolete/security risk list
– Add server check for RedHat/CentOS v4.* and Fedora < v15 to the obsolete/security risk list
- Removed server checks for RLimitMEM/RLimitCPU
New cxs v2.47
Changes:
– Added new advanced PHP decoders for –decode ([D])
– Change main cxs Watch process name during startup while still starting
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
New csf v5.45
Changes:
– Only log Log Scanner in lfd.log if DEBUG set to 2 to allow empty reports if monitoring lfd.log
– Added new option LF_BOGON_SKIP. If you don't want BOGON rules applied to specific NICs, then list them in a comma separated list
– Added new option LF_CONSOLE_EMAIL_ALERT which will send an email if there is a root login to the server console. This is enabled by default
New cxs v2.46
Changes:
- Added two new advanced PHP decoders for –decode ([D])
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New csf v5.44
Changes:
- New feature – Log Scanner. This feature will send out an email summary of the log lines of each log listed in /etc/csf/csf.logfiles. All lines will be reported unless they match a regular expression in /etc/csf/csf.logignore
- Set LWP::UserAgent agent to “csf/[version]” instead of the default
New cxs v2.45
Changes:
- Modification to quarantine to ensure unique filenames
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions