This is a release announcement for ASL 2.2 Beta 3, which should be the last beta release before the final GA for 2.2. I hope! Please test, abuse, and continue getting back to us with your bug reports. This includes builds for all platforms, entOS/RHEL 4, CentOS/RHEL 5, and Fedora 4-10 on i386 and x86_64.
| 
|
Changelog:
- Added default layout to gui
- Bugfix for missing graphics error
- Set default size for events view, resizing for bulletins window, and new interface buttons for event view
- Added alternating background colors to rows in bulletin, module and signature windows
- Corrected log display in event detail window
- Made event detail window slightly less ugly
- Moved ASL Web configs to the asl-web rpm
- Corrected log display in event detail window
- Made event detail window slightly less ugly
- Changed file integrity window:
removed file name search
added result limiter (50,100,250 results or all within last 1/3/7 days)
default display is most recent 50 results
- Changed event log window:
removed time filter fields
added result limiter (50,100,250 results)
added filters by event type (blocked or info)
addes signature id field
reversed sorting to date descending
- Improved performance of window fade in/out
- Fixed js error from empty blacklist
- Fixed interface module display for non-admin UI user
- Added Layout window to interface module
Allows admin to set initial visibility and position of windows, and
control access to windows
Menu visibility for a window may be set to on, off or admin only
X/Y positions may be set to an integer or 'auto', which will leave
the window in its normal cascaded position
Visibility and menu presence may not be altered for detail windows,
but they may be set to open in a fixed position
- Bugfix, ssh_check banner test (bareword found issue)
- Bugfix, Added a condition to detect /var/asl/tmp/VERSION on new
installs
- Added additional Dependencies to ASL Web
- Added zero entry checks to inventory and events windows
- Bugfixes on configuration_setup and ossec_database_setup.
For new installs:
wget -q -O - http://www.atomicorp.com/installers/asl-beta |sh
For upgrades from ASL 2.0:
yum --enablerepo=asl-2.0-testing upgrade asl
yum --enablerepo=asl-2.0-testing install asl-web
|
Written by beval2009 on 2009-10-27 07:05:39
Atomic Secured Linux(tm) version 1.0 is a linux security solution, distributed through a subscription yum channel. It works by combining both Kernel hardening techniques, as well as userspace Intrusion Prevention Systems (IPS) to your web application hosting environment. ASL is specifically targeted at addressing the threats posed by vulnerabilities in applications, such as CRM's, forums, shopping carts, or other custom applications. testking HP0-D04 The design of ASL approaches securing the server, and its applications, by using an application layer firewall to filter out malicious content, before it reaches the application. The hardened kernel subsystems further enhance the overall security model by enforcing file and process level security policies on the system. testking 642-654 The advantages of the ASL approach to security, is that it addresses the security threats posed by web based applications where either it is not possible to fix the application due to lack of source code, or availability of resources, or the number of applications make repairing all vulnerabilities economically unfeasible. It offers among many other features:
* Stack overflow protection from the PaX project, that addresses exploits in services on the system, such as apache, bind, or secure shell
* An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration, from the Grsecurity project.
* Trusted Path Execution, which only allows untrusted users such as apache to execute commands owned by root, thus simply preventing testking 642-825 a whole class of exploit techniques used by attackers, or internet worms
* Users are restricted to only view their processes
* Application layer firewalling through mod_security, and the industry leading rules created by Atomicorp at gotroot.com, optimized for Plesk Server Administrator environments.
* Denial of Service protection through mod_evasive
| |
Only registered users can write comments.
Please login or register. Powered by AkoComment 2.0.3! |
