cxs

New cxs v5.22

Changes:

  • Ensure timestamp and cxs command are prepended to –report [file]
  • Fix cxs Watch Timestamp in report emails
  • When using –options W ensure that resource is a directory and not a symlink or socket

New cxs v5.21

Changes:

  • Fixed issue in cxs Watch when –www is used and a new account is created through restore on cPanel servers
  • cxs Watch now tracks the parent directories for all users when –allusers is used and will add them back if they disappear and are recreated

New cxs v5.20

Changes:

  • Fixed systemd cxs watch UI commands
  • Exploit fingerprint definitions database additions

New cxs v5.19

Changes:

  • Re-added POSIX Locale after changes in v5.16
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v5.18

Changes:

  • Added white-space pre-wrapping to HTML emails
  • UI HTML updates and fixes
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v5.17

Changes:

  • Fixed –qcreate POD text
  • Added systemd support for pure-uploadscript

New cxs v5.16

Changes:

  • WARNING: The report format has changed in this version. If you are parsing cxs reports, they now show the filename and then all hits reported against that file before reporting the next file. Previously each reported hit was shown separately with the filename following
  • Renamed cxs cron job in /etc/cron.d/ from cxs.cron to cxs-cron to cater for non-LSB compliant Linux cron managers
  • New option –[no]html. With –[no]html enabled (default), emails will be sent in both plain-text and HTML formats. The option does not apply if –template [file] is used
  • Fixed cxs Watch to remove rateignore data for a file if it is deleted
  • Fixed rateignore hash array lookup and unneccessary rateignore removal causing files to be skipped
  • Added unsupported option –YRATEIGN. See POD for more information
  • Improvement to PHP script detection
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v5.15

Changes:

  • Fix for POD cron jobs RECOMMENDATIONS text

New cxs v5.14

Changes:

  • Modified –Wrateignore [secs] so that ignored resources are rescanned once [sec] expires
  • Modified cxs watch so that resource attribute changes only trigger an inotify event if –options [w] or [W] are used
  • cxswatch.sh now disables the world writable directory check options on new installations (–options -wW)
  • Removed options –Wsymlink [script], –Wsymlinkmax [num] and –Wsymlinksec [secs]. These options provided ineffective control of such exploits and caused performance isses with cxs Watch. The options will no longer function, but cxs commands will not fail if they are used
  • Updated cxs RECOMMENDATIONS section

New cxs v5.13

Changes:

  • Ensure –Wrateignore [secs] has default values set in cxs Watch if –Wsleep [num] is set to 0
  • Added unsupported options –YRATECNT [num] and YRATESEC [secs]. See POD for more information
  • Exploit fingerprint definitions database additions