Whats new in ASL 2.0 

Support for Fedora 9 Update Kernel to 2.6.25.4 Update OSSEC to 1.5 Added perl-DBD-SQLite Active Response system is now SQL driven

  Bugfixes:

• Bugfix, performance improvements for large shun rule lists
• Bugfix, psmon monitoring OSSEC in non-response mode will no longer try to start execd
  
• Bugfix, Interface fixed typo in Logfile: path that would not report the full path correctly
• Bugfix #59, non-clearing block list bug. Shuns that were expired were being reported as active.
  
• Bugfix #104, register_globals, and safe_mode on/off suppor
• Bugfix #138, Interface, HTML rendering in alerts page in the body-capture section of the alert.

Whats new in ASL 2.0 Release Candidate 2

Support for Plesk 8.4 Update mod_security to 2.5.4 Update clamav to 0.93 Update Application Inventory, Latest Coppermine and Joomla Added Application Inventory detection for Magneto, AutoIndex, AdancedPoll, and B2Evolution Added Whitelist management Interfac Added Blacklist Management Interface Added support for Blocking by Country (Geo Blocking) Added basic firewall module Added False Positive Reporting interface Added support for disabling TRACE in apache Added in Horde vulnerability checks

 Bugfixes:

• Feature Request #32, Active configuration is now the default in the web interface
• Feature Request #46, whitelist and disable rule is now a toggle button in the web interface
• Feature Request #103, modsec rule version is now tracked in the configuration files
• Bugfix #XX, gui now correctly resizes the Updates window
• Bugfix #XX, IE7 correctly renders support portal page
• Bugfix #XX, Web Interface will correctly execute/update asl core
• Bugfix #XX, Clamav 0.92->0.93 integration checks. Config files are now correctly updated
• Bugfix #60, workaround for a random permissions issue on audit logs in RHEL/Centos 5 environments
• Bugfix #111, Corrected issue with SecSignature field returning null with some updates
• Bugfix #112, fixed typo with asl and clamav cron daily cron jobs

Whats new in ASL 2.0 Release Candidate 1 Support for Fedora 8 and Fedora 9 Added support for ClamAV, all content uploaded over the web will be scanned for malware automatically Added Malware Blacklist support Added support for creating  vserver virtual servers Added ClamAV 0.92.2 Added chkrootkit 0.48 Added unhide 0.2 Added enable/disable support for mod_evasive Added daily/weekly settings for web application inventory scanning Added disclaimer banner to ssh_checks Added capability to configure apache restart policy Added capability to define the frequency of rule updates Added support for monitoring OSSEC services in client mode Updated kernel to 2.6.24.2 Updated rkhunter to 1.3.2 Updated mod_security to 2.5.1

Bugfixes:

• bugid #15, detect home dir permissions setting for admin users in Plesk environment
• bugid #16, added conditionals to detect the psmon config correctly on a new install
• bugid #17, rkhunter_check, formatting issues with root checks
• bugid #18, corrected update events to display when updates are available when called with -ck
• bugid #19, configuration_check, improved input validation on max_emails_per hour setting
• bugid #21, configuration_setup, lower bound of OSSEC's maximum alert e-mails per hour to one
• bugid #24, general_check, removed check for messagebus service
• bugid #26, ossec_check if e-mail notification is turned on, don't flag it as "failed"
• bugid #27, corrected issue with process monitoring detection
• bugid #28, removed web_check from ossec rules by default (blocked .cat domains)
• bugid #47, corrected selinux detection at install time
• bugid #50,  improved detection on php.d settings
• bugid #67, ssh_checks are more descriptive on why they will not disable root logins
• bugid #74, kernel_check, fixed detection of the kernel for the disable_module check

Whats new in ASL 2.0 Beta 4: Support for Plesk Server Administrator 8.3.0 Improved web GUI New checks for End of Life operating systems PMSON updated to 1.39 ASL command line utilites updated to 1.9.6 Added notification configuration for OSSEC New Mod_security rule manager OSSEC updated to 1.4 New vulnerability checks added for mod_evasive, grsecurity, and Plesk

Bugfixes:

• mod_evasive checks now restart apache correctly
• watchdog module no longer overwrites the default crontab for psmon
• ASL updater now correctly downloads the rule updates
• ssh checks now detect root login conditions correctly
  
• watchdog no longer checks for non-existant services, pop-ssl and imap-ssl
• rkhunter and mod_evasive checks detect missing configuration files correctly
• removed slow audit dir permissions checks

 and much much more!

This update adds in the Plesk 8.3.0 packages to the archive, and deprecates 8.2.x.

Whats New with the archive:

• Fedora Core 7  Plesk is now supported
• Layout now uses a symlink to /latest, currently pointed at 8.3.0
• Atomic Installer  will prompt to add the Plesk repo to your yum config
• Index pages have been update
• 8.2.x packages have been deprecated and removed (low on space, I'm working on that!)