ConfigServer Services Blog

New cxs v1.33

Changes:

  • Updated example cPanel Account Suspend perl script to be verbose
  • cxs startup speedups
  • Add support to –script to pass the username when using –user [user]
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New MailScanner Script v2.78

Changes:

  • New alternative exim init script added for Incoming only scanning
  • New MailScanner v4.81.4:http://www.mailscanner.info/ChangeLog
  • Added Sys::SigAction to the required perl modules

New csf v5.10

Changes:

  • Always report UID:GID of a DIRWATCH file incase the user account owning a reported file no longer exists
  • Report error gracefully on CIDR->add failures and continue
  • Added “query (cache)” check to BIND flooding regex
  • Fix issue with killing Advanced Port blocks using the pipe separator
  • Update warning messages to include xt_owner with ipt_owner
  • Replace URL in Server Check for instructions on disabling IPv6
  • Fixed a bug in LF_CPANEL_ALERT ip address tracking
  • Added new option LF_CPANEL_ALERT_USERS to be used with LF_CPANEL_ALERT to alert for a specified list of WHM/cPanel account logins. See csf.conf for more information
  • Added new feature: Port Knocking. See csf.conf and readme.txt for more information on the PORTKNOCKING, PORTKNOCKING_LOG and PORTKNOCKING_ALERT options
  • Added new UI option: Quick Ignore, for IP addresses

New cxs v1.32

Changes:

  • Include an example cPanel Account Suspend perl script for use with –script /etc/cxs/cpanelsuspend.pl
  • Exploit fingerprint definitions database additions

New ClamAV v0.96.2

ClamAV 0.96.2 has been released. This version brings a new PDF parser, performance and memoryimprovements, and a number of bugfixes and minor enhancements.

New cxs v1.31

Changes:

  • Always exit if ftp/cgi user is listed in a specified ignore file
  • Disable pure-uploadscript if /etc/cxs/ftpddisable exists (in addition to /etc/ftpddisable)
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.09

Changes:

  • Added Server Check report check that klogd is running if using syslogd or that klog module is loaded if running rsyslogd
  • Added Server Check report, checks for apache settings: TraceEnable, ServerSignature, ServerTokens and FileETag on cPanel servers
  • Fixed ip6tables IPV6_SPI check warning for older kernels
  • Added instruction to open outgoing TCP6 and UDP6 ports when using an older kernel for ip6tables
  • IPv6 Final (no longer Beta)
  • Added new option LT_SKIPPERMBLOCK. If LF_PERMBLOCK is enabled but you do not want this to apply to LT_POP3D/LT_IMAPD, then enable this option
  • Added new option PT_USER_ACTION. If a PT_* event is triggered, then PT_USER_ACTION will be run in a child process and passed the PID(s) of the process(es)

New cxs v1.30

Changes:

  • Added new option –script [script] which runs an external script whenever a match is detected against a file. See documentation for more information
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v1.29

Changes:

  • Significant improvements to –decode [file]
  • Increased LWP timeout to cater for servers with slow connections to the license server
  • Added total Viruses and Fingerprint Matches to the –mail Subject
  • Added total Fingerprint Matches to the –summary
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions