cxs

Changes:

• Modified to unzip and scan self-contained inline PHP zip files
• Exploit fingerprint definitions database additions

Changes:

• Modified quarantine directory structure detection to fail (i.e. disable –quarantine [dir]) if using an invalid directory instead of attempting to convert it

Changes:

• Modify adding entry to /etc/chkservd/chkservd.conf when that file is missing a trailing linefeed on the last record
• Exploit fingerprint definitions database additions

If you use the cxs –bayes feature, then you can download the latest bayesian database for cxs by running:

cxs --bget

This happens automatically when a new version of cxs is released and cxs upgrades, otherwise you will have to run the command above manually.

The new database has been generated from the last 2 years worth of exploits, so should help the accuracy of exploit categorisation.

Changes:

• Reduced banner padding
• Default the initial clamd socket check to /var/clamd
• Modified UI to show if cxs watch is currently restarting
• New logo added and configured for cPanel plugins
• Exploit fingerprint definitions database additions

Changes:

• Added new option [no]unofficial. This option ignores unofficial ClamAV signatures by default. This has been brought in to tackle the increasing number of false-positives in unofficial virus signatures
• WARNING: Due to the new –[no]unofficial the unsupported option –YSKIPUNCLAM has been removed and will have no effect if used
• Modified UI to always try contacting the clamd socket to ensure it is installed, configured and running

Changes:

• Increased size of data retrieved to determine file type to improve detection of exploits hiding in image files

Changes:

• Added Scroll to Top/Bottom buttons
• Added back the warning regarding the UI ModSecurity enable option
• Consolidate images, css and javascript into a common directory in the installer
• Fixed cxs version display in UI footer

Changes:

• Modified UI to use container-fluid to improve whitespace use
• Modified pre tags to wrap on whitespace
• Added upgrade note to the top of the UI if available
• Exploit fingerprint definitions database additions