Written by scott
Tuesday, 20 October 2009

By popular demand we've been working on a qmail-scanner-like project for Postfix. So far we've looked at clamavsmtpd, amavisd-new, mailscanner, and clapf. To date clapf has been the most successful and the most resource efficient, with a resident memory footprint less than 5% of the other solutions (you read that right!). The initial prototype of the core daemon is available in the Atomic Testing channel now. Currently it supports clamav and spamassassin, and should drop in to a postfix environment (plesk or otherwise) with no configuration required.

To install:
1) yum install clapf
2) /etc/init.d/clapf start
3) /etc/init.d/postfix restart

Written by scott
Monday, 28 September 2009

It's been 4 years since we started the Atomic Secured Linux (ASL) project, which has always maintained a close relationship with my personal website. We've grown a lot over the last few years, and now the project is moving to its new home: www.atomicorp.com with its new logo and mascot, SurlyTurtle(tm). The ART forums will continue to live here, and are now duplicated at www.atomicorp.com/forums. I encourage everyone to move over to that link just for SSL sanity's sake. Stay tuned to the new site as we merge in more content from our other sites at gotroot.com and www.progllc.com!

Last Updated ( Monday, 28 September 2009 )

Written by scott
Wednesday, 26 August 2009

This is the official release for Atomic Secured Linux (ASL), version 2.2.

Changelog:
* ASL Web, the standalone web GUI. A dynamic, resizable open interface to manage security policy and event information.
* Kernel 2.6.29.6, with support for VMware's VMI interface, ext4 and btrfs file systems, and much much more
* OSSEC upgraded to 2.1
* ASL Core has been completely re-written in C for faster and more flexible capabilities
* Added vulnerability checks for simple FTP passwords
* Added new dynamic purge events for stale blocklist entries
* Added vulnerability checks for excessive whitelists
* Whitelisting now handles bitmask based whitelisting across all services
* Added checks for SSL/TLS usage in qmail
* Added expose_php checks for Plesk daemons
* Command line arguments now support multiple entries (--blacklist 1.2.3.4 4.5.6.7 7.8.9.10)
* Extended firewall module checking in the asl-mod init script
* Added ability to disable SSH Banner checks (for lemonbit)
* Added ability to set Apache "graceful" restarts (for enom)
* PHP checks for safe_mode have been lowered from "high" to "moderate"
* PHP checks for escapeshellcmd have been dropped to "low"
* Added configuration checks for the Plesk 9 /etc/xinet.d/ excludes in rkhunter
* Added vulnerability check for psa-atmail
* Added vulnerability check for psa-proftpd
* Added SSL settings detection between Plesk 8.x and 9.x
* RKHUNTER_SSH_ROOT_LOGIN now defaults to the SSH_ROOTLOGINS variable
* Added detection for Horde and Squirrelmail during PHP functions check in the configuration phase. This will automatically allow the required PHP functions (popen, etc).
* Added migration routine for plesk environments from the old asl-web-gui to the new asl-web
* Update to KERNELS file to support the new 2.6.29.6 kernels
* Updated configuration_setup to detect & start mysql if it's not running
* Update on ossec_database_setup to warn on blank passwords
* Added routine to kill stale ossec-dbd processes in ossec_check
* Removed restrictions on the max length of a message field in the Events Display
* New turtle graphics, now with Lensflare!
* Optional: An upgraded psa-proftp for Plesk users to 1.3.2a, which includes SFTP, RBL (real-time black lists), and ClamAV support

Bugfixes:
- Bugfix on remove-blacklist
- Bugfix #XXX, fix for vulnerability scanner to show details if there was only 1 entry
- Bugfix #XXX, fix for ossec excessive whitelists check to show correct vuln level based on total # of whitelists
- Bugfix #XXX, correctly install the asl-button for plesk environments
- Bugfix #XXX, on ossec_database_setup
- Bugfix #XXX, on asl-mod (adds more modules)
- Bugfix #XXX, on white/black/geoblock/blocking .js files
- Bugfix #XXX, ssh_check, added missing message for GSSAPICleanup test
- Bugfix #XXX, rkhunter_check, added missing message for SSH protocol 1 test
- Bugfix #XXX, multi-argument/value events
- Bugfix #XXX, in vulnerability stub data for ET_EXEC
- Bugfix #XXX, ssh_check banner test (bareword found issue)
- Bugfix #XXX, Added a condition to detect /var/asl/tmp/VERSION on new installs
- Bugfix #XXX, --whitelist typo on the asl-shun command
- Bugfix #XXX, ssh_check, Added more logic around allowed root logins, this will skip the fixed check now and just report it as allowed/vulnerable if it is in fact allowed.
- Bugfix #xxx, mod_security, cleaned up path checking on SecTmpDir
- Bugfix #xxx, php_check, Changed execute flag string to be more clear on extensions check
- Bugfix #xxx, php_check, disable_functions check will now create the line if it doesn't exist rather than rewrite it
- Bugfix #XXX, for pending updates check
- Bugfix #XXX, for denyhosts bitmask whitelist
- Bugfix to detect spamassassin before checking its permissions
- Bugfix for ossec_check and web.conf, deprecated dhtml.conf files
- Bugfix for mod_security_check to correctly parse Dir directives
- Bugfix for mod_security_check SecAuditLogStorageDir
- Bugfix, mod_security_check now supports both "on/off" and "yes/no" values
- Bugfix, mod_security_check copies rulegroups over correctly now
- Bugfix, mod_security_check copies over tertiary configs now (spam.conf, sql.txt, etc)
- Bugfix, mod_security_check, when the whitelist is enabled, it is now flagged as a vulnerability
- Bugfix, php_check updated to support yes/no, and on/off conditions
- Bugfix #XXX, corrected condition where ssh vulnerability checks were not being reported for SSH password authentication being enabled.
- Bugfix #XXX, added a wrapper to lint the config file for the CONFIGURED flag

Upgrading to 2.2:
1) Ensure that you allow mysql connections from localhost, and that skip-networking is not set in /etc/my.cnf
2) yum upgrade
3) asl -s -f
4) Log in to the web interface on port 30000 with your web browser with the credentials: username: admin password: setup

To install on a clean system:
1) wget -q -O - http://www.atomicorp.com/installers/asl |sh
2) Log in to the web interface on port 30000 with your web browser with the credentials: username: admin password: setup

Last Updated ( Wednesday, 26 August 2009 )

Written by scott
Tuesday, 28 July 2009

This is a release announcement for ASL 2.2 Beta 3, which should be the last beta release before the final GA for 2.2. I hope! Please test, abuse, and continue getting back to us with your bug reports. This includes builds for all platforms, CentOS/RHEL 4, CentOS/RHEL 5, and Fedora 4-10 on i386 and x86_64.

Changelog:
- Added default layout to gui
- Bugfix for missing graphics error
- Set default size for events view, resizing for bulletins window, and new interface buttons for event view
- Added alternating background colors to rows in bulletin, module and signature windows
- Corrected log display in event detail window
- Made event detail window slightly less ugly
- Moved ASL Web configs to the asl-web rpm
- Changed file integrity window:
    removed file name search
    added result limiter (50,100,250 results or all within last 1/3/7 days)
    default display is most recent 50 results
- Changed event log window:
    removed time filter fields
    added result limiter (50,100,250 results)
    added filters by event type (blocked or info)
    added signature id field
    reversed sorting to date descending
- Improved performance of window fade in/out
- Fixed js error from empty blacklist
- Fixed interface module display for non-admin UI user
- Added Layout window to interface module
    Allows admin to set initial visibility and position of windows, and control access to windows
    Menu visibility for a window may be set to on, off or admin only
    X/Y positions may be set to an integer or 'auto', which will leave the window in its normal cascaded position
    Visibility and menu presence may not be altered for detail windows, but they may be set to open in a fixed position
- Bugfix, ssh_check banner test (bareword found issue)
- Bugfix, Added a condition to detect /var/asl/tmp/VERSION on new installs
- Added additional Dependencies to ASL Web
- Added zero entry checks to inventory and events windows
- Bugfixes on configuration_setup and ossec_database_setup.

For new installs:
wget -q -O - http://www.atomicorp.com/installers/asl-beta |sh

For upgrades from ASL 2.0:
yum --enablerepo=asl-2.0-testing upgrade asl
yum --enablerepo=asl-2.0-testing install asl-web

Last Updated ( Tuesday, 28 July 2009 )

Written by scott
Monday, 23 February 2009

This is to announce the official release of ASL 2.0.7, and the long awaited Plesk 9 support. There have been no changes made to the package since the previous release candidate, so there isn't much to say here other than to stamp Plesk 9 "supported". Enjoy!

Release Notes:
* Due to Plesk architecture changes, the ASL 2.6.27.x kernels are *required* for Plesk 9 support. If you cannot use the ASL 2.6.27.x kernels for some reason, you can also use the default kernel provided by your OS vendor.

Last Updated ( Tuesday, 28 July 2009 )

Written by scott
Sunday, 22 February 2009

This announces the release of the ASL 2.1 alpha, with the stand-alone ASL-Web interface, to the [asl-2.0-bleeding] channel. This is an alpha release, and therefore unsupported code. Please send feedback by e-mail rather than post to the forums.

Changelog:
- Added ASL Web, stand alone GUI (default account: admin, password: setup)
- First new-architecture module rewrite, kernel_check is now written in C
- Added logic to configure and install the default ASL Web databases
- Added asl-web init script, /etc/init.d/asl-httpd
- Added asl-web sysconfig, /etc/sysconfig/asl-httpd

To Install:
yum --enablerepo=asl-2.0-bleeding upgrade asl
yum --enablerepo=asl-2.0-bleeding install asl-web

Last Updated ( Sunday, 22 February 2009 )