Server Software and Configuration Services
New cxs v2.65
Changes:
– Added new advanced PHP decoder for –decode ([D])
– Improvements made to md5sum ignore procedure
– Fixed problem when using md5sum ignore within archives
ConfigServer Services Blog
New cxs v2.64
Changes:
– Improvements to –decode ([D]) variable detection
– Added new advanced PHP decoder for –decode ([D])
– Exploit fingerprint definitions database additions
New csf v5.59
Changes:
– Fixed a loop which caused high load when using GLOBAL_IGNORE
– Improvements to GLOBAL_IGNORE load speed and effectiveness
– Improvements to CC_IGNORE load speed
New csf v5.58
Changes:
– Corrected ST_APACHE error message return text
– Add meaningful message if stats graph generation fails in UI
– Added new icon in UI for “Quick Allow” that inserts the current visitors IP address
– Added new icon in UI for “Quick Ignore” that inserts the current visitors IP address
– Replaced some of the included icons
New cxs v2.63
Changes:
– Additional reasons for scan skipping added for –debug output
– Reload ignore file in cxs watch parent as well as children for rate limit warning
– New feature added –Wrateignore [secs]. To help prevent excessive resource usage, cxs Watch will ignore files for [secs] seconds if the rate limit warning is issued. Scanning will then resume. Set this to 0 to disable the ignore feature. This option is set to 300 (i.e. 5 mins) for new installations
New csf v5.57
Changes:
– Added new option PT_APACHESTATUS to configure the URL to the Apache Status URL during PT_LOAD alert report
– Added Apache Statistics to ST_SYSTEM. A new option ST_APACHE must be set to collect these statistics and PT_APACHESTATUS must be correctly set. ST_APACHE is disabled by default
– Modification to SYSLOG option to remove the later introduced “nofatal” option to improve backwards compatibility, also enable the “pid” option to log the process ID
– Added new options SYSLOG_CHECK and SYSLOG_LOG to check whether syslog is running. See csf.conf for more information. This option is disabled by default, but we recommend that it is enabled on all servers
– Added SYSLOG_CHECK to Server Check Report recommended settings
New cxs v2.62
Changes:
– Removed extraneous / in the cgi email notification for the “Web upload script URL”
– Added cxs Watch logging for Inotify IN_Q_OVERFLOW events with a recommendation to increase /proc/sys/fs/inotify/max_queued_events if this occurs
– Added file check before invoking Inotify to confirm it exists to avoid spurious errors on VPS servers
– Allow files as well as directories in –Wadd [file]
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
New ClamAV v0.97.5
A new version was released, but no notification on their blog or mailing list seems to have been posted. MailScanner version has been updated for upgrade.
New MailScanner Front-End (MSFE) v4.37
Changes:
– Fixed issue when disabling/enabling some of MailScanner Performance settings causing configuration errors
New csf v5.56
Changes:
– Improvements to ST_MYSQL password detection in /root/.my.cnf where the password is quoted
– Improvements to the SMTP AUTH regex to cope with differing settings in exim log_selector
– Removed debugging code in SMTP AUTH regex detection