Server Software and Configuration Services
New cxs v1.41
Changes:
- Enabled option –options [Z] by default for scanning within compressed archives
- Suppress error output from Archive::Tar
- Exploit fingerprint definitions database additions
General
New cxs v1.40
Changes:
- Improved detection of ruby and c exploits
- Added the ability to use –quarantine and –delete when performing a manual or scheduled scan. However, since the likelihood of a false-positive is relatively high, this is not recommended without care and understanding of the implications
- Added test for existence of –quarantine [dir]. If it does not exist an error will be shown and the scan will continue with the quarantine directive disabled
- New –options [Z]. This option decompresses archives (e.q. zip, tar, tar.gz and tar.bz2 files) and scans each file within the archive using the same options provided to the original scan
- Added –options [Z] to WHM UI
- Updated perl modules requirements to now include: Archive::Zip and Archive::Tar
- Cater for single quotes in cron jobs in the WHM UI
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New csf v5.13
Changes:
- Added obsolete OS checkes for Fedora v11 and v12, plus RedHat/CentOS v2 and v3 in Server Check
- Fixed broken reference URL’s in Server Check for cPanel servers
- Modified statistics to not display pie chart if no data is available
- Sort LF_DIRWATCHFILE output by time to improve the reported results
- Added new setting for AT_ALERT to only trigger on modification to the root account (i.e. not all superuser accounts)
- Tested successfully for support on Fedora v14 and Ubuntu v10.10
New cxs v1.39
Changes:
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New csf v5.12
Changes:
- Added some lfd blocking statistics which can be viewed via the UI. Requires gd graphics library and the GD::Graph perl module with all dependent modules
- Added 8th argument to BLOCK_REPORT for the setting that triggered the block
- Added setting that triggered a block to lfd log lines
New csf v5.11
Changes:
- Removed erroneous Port Knocking messages in lfd.log when PORTKNOCKING_ALERT not enabled
- Added ‘exe:/usr/bin/postgres’ to the cPanel csf.pignore for new installations
- Added retry timeout in WHM UI for checking www.configserver.com for new version information (to avoid repeated hangs when unreachable)
- Fixed LF_PERMBLOCK issue that flushed all temporary IP blocks, not just the IP being permanently blocked
- Added check to PHP Server Check that php -i output is complete
New cxs v1.38
Changes:
- Improvements to –decode ([D]) option
- Added [D] option to UI
- Fixed typo in UI
- More detailed message for when –filemax reached in a directory
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New cxs v1.37
Changes:
- Fixed bug in –options [D] when running under a non-root account
- Modified –script [script] execution to prevent stray output from [script] when –quiet used
- Added retry timeout in WHM UI for checking www.configserver.com for new version information (to avoid repeated hangs when unreachable)
- Included additional instructions in install.txt to install additional unofficial ClamAV databases from Sanesecurity
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New cxs v1.36
Changes:
- Significant Improvements to –decode ([D]) option
- Added verbose switch to example cPanel Account Suspend perl script
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New cxs v1.35
Changes:
- Optimised fingerprint definitions database
- Removed fingerprint definitions database false-positive