Atomic Secured Linux 2.2 Release
Written by scott   
Wednesday, 26 August 2009

 

This is the official release for Atomic Secured Linux (ASL), version
2.2.

Changelog:
* ASL Web, the standalone web GUI. A dynamic, resizable open interface
to manage security policy and event information.
* Kernel 2.6.29.6, with support for VMware's VMI interface, ext4 and
btrfs file systems, and much much more
* OSSEC upgraded to 2.1
* ASL Core has been completely re-written in C for faster and more
flexible capabilities
* Added vulnerability checks for simple FTP passwords
* Added new dynamic purge events for stale blocklist entries
* Added vulnerability checks for excessive whitelists
* Whitelisting now handles bitmask based whitelisting across all services
* Added checks for SSL/TLS usage in qmail
* Added expose_php checks for Plesk daemons
* Command line arguments now support multiple entries (--blacklist 1.2.3.4 4.5.6.7 7.8.9.10)
* Extended firewall module checking in the asl-mod init script
* Added ability to disable SSH Banner checks (for lemonbit)
* Added ability to set Apache "graceful" restarts (for enom)
* PHP checks for safe_mode have been lowered from "high" to "moderate"
* PHP checks for escapeshellcmd have been dropped to "low"
* Added configuration checks for the Plesk 9 /etc/xinetd.d/ excludes in rkhunter
* Added vulnerability check for psa-atmail
* Added vulnerability check for psa-proftpd
* Added SSL settings detection between Plesk 8.x and 9.x
* RKHUNTER_SSH_ROOT_LOGIN now defaults to the SSH_ROOTLOGINS variable
* Added detection for Horde and Squirrelmail during PHP functions check in the configuration phase. This will automatically allow the required PHP functions (popen, etc).
* Added migration routine for Plesk environments from the old asl-web-gui to the new asl-web
* Update to KERNELS file to support the new 2.6.29.6 kernels
* Updated configuration_setup to detect & start mysql if it's not running
* Update on ossec_database_setup to warn on blank passwords
* Added routine to kill stale ossec-dbd processes in ossec_check
* Removed restrictions on the max length of a message field in the Events Display
* New turtle graphics, now with Lensflare!
* Optional: An upgraded psa-proftp for Plesk users to 1.3.2a, which includes SFTP, RBL (real-time black lists), and ClamAV support

Bugfixes:
- Bugfix on remove-blacklist
- Bugfix #XXX, fix for vulnerability scanner to show details if there
was only 1 entry
- Bugfix #XXX, fix for ossec excessive whitelists check to show correct
vuln level based on total # of whitelists
- Bugfix #XXX, correctly install the asl-button for Plesk environments
- Bugfix #XXX, on ossec_database_setup
- Bugfix #XXX, on asl-mod (adds more modules)
- Bugfix #XXX, on white/black/geoblock/blocking .js files
- Bugfix #XXX, ssh_check, added missing message for GSSAPICleanup test
- Bugfix #XXX, rkhunter_check, added missing message for SSH protocol 1
test
- Bugfix #XXX, multi-argument/value events
- Bugfix #XXX, in vulnerability stub data for ET_EXEC
- Bugfix #XXX, ssh_check banner test (bareword found issue)
- Bugfix #XXX, Added a condition to detect /var/asl/tmp/VERSION on new
installs
- Bugfix #XXX, --whitelist typo on the asl-shun command
- Bugfix #XXX, ssh_check, Added more logic around allowed root logins,
this will skip the fixed check now and just report it as
allowed/vulnerable if it is in fact allowed.
- Bugfix #xxx, mod_security, cleaned up path checking on SecTmpDir
- Bugfix #xxx, php_check, Changed execute flag string to be more clear
on extensions check
- Bugfix #xxx, php_check, disable_functions check will now create the
line if it doesn't exist rather than rewrite it
- Bugfix #XXX, for pending updates check
- Bugfix #XXX, for denyhosts bitmask whitelist
- Bugfix to detect spamassassin before checking its permissions
- Bugfix for ossec_check and web.conf, deprecated dhtml.conf files
- Bugfix for mod_security_check to correctly parse Dir directives
- Bugfix for mod_security_check SecAuditLogStorageDir
- Bugfix, mod_security_check now supports both "on/off" and "yes/no"
values
- Bugfix, mod_security_check copies rulegroups over correctly now
- Bugfix, mod_security_check copies over tertiary configs now
(spam.conf, sql.txt, etc)
- Bugfix, mod_security_check, when the whitelist is enabled, it is now
flagged as a vulnerability
- Bugfix, php_check updated to support yes/no, and on/off conditions
- Bugfix #XXX, corrected condition where ssh vulnerability checks were
not being reported for SSH password authentication being enabled.
- Bugfix #XXX, added a wrapper to lint the config file for the
CONFIGURED flag



Upgrading to 2.2:

1) Ensure that you allow mysql connections from localhost, and that
skip-networking is not set in /etc/my.cnf

2) yum upgrade

3) asl -s -f

4) Log in to the web interface on port 30000 with your web browser with
the credentials:
username: admin
password: setup
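
A pre-flight check for step 1, as an added example that is not part of ASL or the original announcement: it reports whether skip-networking is active in the [mysqld] section of a MySQL option file. The function name, the constructed sample config and the treatment of 0/off/false as disabling the option are assumptions; files pulled in via !include are not followed.

```shell
#!/bin/sh
# Added example: pre-flight check for upgrade step 1 (not part of ASL).
# Exit status 0 = skip-networking is active in [mysqld], 1 = not active,
# 2 = file unreadable. Included files (!include) are not followed.
skip_networking_active() {
    [ -r "$1" ] || return 2
    awk '
        /^[ \t]*\[/ {                       # section header, e.g. [mysqld]
            sec = tolower($0)
            sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            next
        }
        /^[ \t]*[#;]/ { next }              # full-line comments
        sec == "mysqld" {
            line = tolower($0)
            sub(/#.*$/, "", line)           # trailing comment
            gsub(/[ \t]/, "", line)
            gsub(/_/, "-", line)            # skip_networking == skip-networking
            n = split(line, kv, "=")
            if (kv[1] != "skip-networking") next
            # A bare option or any value other than 0/off/false enables it
            # (assumed boolean handling); the last occurrence wins.
            found = (n == 1 || kv[2] !~ /^(0|off|false)$/)
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Constructed sample config, written to a temp file so the check runs offline.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[client]
skip-networking
[mysqld]
# skip-networking
datadir=/var/lib/mysql
skip_networking   # left over from an old hardening guide
EOF

if skip_networking_active "$sample"; then
    echo "skip-networking is set in [mysqld]: remove it before running yum upgrade"
else
    echo "skip-networking not set in [mysqld]"
fi
```

On a real host, pass /etc/my.cnf instead of the sample file.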




To Install on a clean system:
1) wget -q -O - http://www.atomicorp.com/installers/asl |sh

2) Log in to the web interface on port 30000 with your web browser with
the credentials:
username: admin
password: setup

Last Updated ( Wednesday, 26 August 2009 )
© 2010 atomicrocketturtle.com :: digital turtlist