rkhunter v1.2.8 released

A new version of the popular rootkit hunter application has been released.Uprade instructions:

wget http://downloads.rootkit.nl/rkhunter-1.2.8.tar.gztar -xzf rkhunter-*cd rkhunter./installer.sh cd ../bin/rm -Rf rkhunter*rkhunter –updaterkhunter -c –skip-keypress

Note About Comments

Please note that the comments for the ConfigServer Blog are not intended as a method to seek support for any aspect of the services or products that we produce. If you require support, please use the HelpDesk and be aware that there may be charges involved with support provision. Offending comments will be removed 😉

HelpDesk Move

We’ve moved our helpdesk to a new server (in the UK) and a new domain. for those that use our services, please update your bookmarks to use the following URL from now on:https://support.waytotheweb.com/cgi-bin/helpdesk/pdesk.cgi

PHP v4.4.2 Released by cPanel

v4.4.2 has been released for inclusion in building apache/php on cPanel servers. I’ve upgraded all of our servers with it and it appears to be working well. From the php site:

This is a bug fix release, which addresses some security problems too. The major points that this release corrects are:

  • Prevent header injection by limiting each header to a single line.
  • Possible XSS inside error reporting functionality.
  • Missing safe_mode/open_basedir checks into cURL extension.
  • Apache 2 regression with sub-request handling on non-Linux systems.
  • key() and current() regression related to references.

This release also fixes about 30 other defects

EV1 RHN Problems

Anyone with an EV1 server running RHE will probably find that up2date isn’t working. This is as a result of upgrades that EV1 have just performed on their RHN mirrors. There is a simple fix:

rpm -Uvh –force http://rhn.ev1servers.net/pub/rhn-org-trusted-ssl-cert-1.0-3.noarch.rpm

More details in the EV1 Forum thread.

New mod_security v1.9.2

A new version of mod_security has been released hereChanges:

ModSecurity 1.9.2 is primarily a bug-fix release, but itincludes a few interesting new features.ModSecurity can now be compiled against PCRE regex library(Apache 1.3.x only, Apache 2.x already uses PCRE), resultingin large performance increase. It is also possible to compileModSecurity not to use suEXEC for process creation. Someconcurrent audit logging improvements. New proof-of-conceptscript for real-time audit log centralisation. Many smallerbug fixes and improvements throughout.