by Support (2017-01-23):
- New ASL Web Interface
- Firewall Interrogator
- Kernel 4.4 support
- OSSEC 2.9
- Docker support
- Multi-PHP support
- Cpanel easyapache 4 support
- Feature Request #1641, Firewall, active response is written to the INPUT table, it should be written to the ACTIVE-RESPONSE table
- Feature Request #1747, T-WAF, raise limits in tortixd.conf if configured as a local T-WAF
- Feature request #1876, WAF, add lua rule checks to waf report
- Feature Request #1955, Firewall, Lint /etc/asl/whitelist for valid IP's and CIDR blocks
- Feature Request #2037, SSH, For UseDNS off on cpanel systems
- Feature Request #2050, HIDS, Configure OSSEC HELO message
- Feature Request #2055, Add support for Openvz/Virtuozzo Linux 7.0
- Feature Request #2067, T-WAF, Add SSLCertificateChainFile to the T-WAF configuration options
- Feature request #2095, ASL Web, Help dialog
- Feature Request #2096, SSH, add AllowTCPForwarding check
- Feature Request #2102, SSH, add AllowX11Forwarding check
- Feature Request #XXXX, HIDS, add support for user defined per-rule active responses
- Feature Request #XXXX, HIDS, Add support for a user defined list of logs to monitor: /etc/asl/logfiles. Format: <file>,<ossec-type>
- Feature Request #XXXX, HIDS, dynamic scaling for real-time filesystem monitoring inotify watches
- Bugfix #1782, Plesk, fix scoreboard file in proftpd opture input for f_am_local_port
- Bugfix #1906, WAF, add bzip2 and libapache2-modsecurity as debian/ubuntu dependencies
- Bugfix #1924, ALLOW_eval setting has no effect. This is not a function, and thus, cannot be disabled
- Bugfix #1944, Malware Detection, cpanel ftp upload scanner
- Bugfix #1947, Auditdir and Tmp dir for WAF were immutable
- Bugfix #1949, Vulnerability scanner, Error: could not find general_firewall_ftp_mod
- Bugfix #1962, remove duplicate hmac lines
- Bugfix #1978, Firewall, alert if the asl-firewall service is disabled and show a big red X on the gui
- Bugfix #1979, Watchdog, _watchdog::watchdog_check 9901 ASLCommon::cmd_system ERROR: '/etc/init.d/psmon restart (1)'
- Bugfix #1991, cpanel remote rule support
- Bugfix #2001, Firewall, detect if VPS supports low number of rules
- Bugfix #2002, Firewall, add locking to ASL firewall to prevent overlap with asl-shun events on long policy loading.
- Bugfix #2020, Rootkit detection, replaced exits in rkhunter_check with returns
- Bugfix #2022, DoS, correct mod_evasive24 whitelist condition
- Bugfix #2024, Kernel, Runtime module loading: fixed [FIXED]
- Bugfix #2076, Firewall, prevent /32 from being added to /etc/asl/whitelist
- Bugfix #XXXX, Cpanel, for cpanel's use of ~/.my.cnf.
- Bugfix #XXXX, HIDS, for custom rule support in OSSEC. This restricts rule removal to just asl channel ossec files.
- Bugfix #XXXX, for SSL settings to handle "custom" condition (alert but dont fix) and ASL Web unable to handle + in a named field. Additionally for backwards compatibility we are maintaining APACHE_SSLPROTOCOL as TLS+SSLv3 and TLS/SSLv3
- Bugfix #XXXX, Firewall, the ratelimit hitcount has a max ceiling of 20, unless kernel modules are manipulated. This fix will lower this to 20 if a higher value is selected.
- Bugfix #XXXX, cpanel, for Cpanel clamav integration on EL7
- Bugfix #XXXX, cpanel, automatic exclusion for virtfs in the real-time malware detection system.
Bugfixes
- Bugfix #1782, Plesk, fix scoreboard file in proftpd on plesk 12+
- Bugfix #1714, HIDS, do not monitor files that are symbolic links. Prevents event duplication
- Bugfix #1829, Watchdog, only activate psmon if it has services to monitor
- Bugfix #1863, Vulnerabiltiy Report, suppress lsof warnings during ASL Report
- Bugfix #1897, ASL Web, Condition added in ASLWWindow.waf_config.js to capture input for f_am_local_port
- Bugfix #1906, WAF, add bzip2 and libapache2-modsecurity as debian/ubuntu dependencies
- Bugfix #1924, ALLOW_eval setting has no effect. This is not a function, and thus, cannot be disabled
- Bugfix #1944, Malware Detection, cpanel ftp upload scanner
- Bugfix #1947, Auditdir and Tmp dir for WAF were immutable
- Bugfix #1949, Vulnerability scanner, Error: could not find general_firewall_ftp_mod
- Bugfix #1962, remove duplicate hmac lines
- Bugfix #1978, Firewall, alert if the asl-firewall service is disabled and show a big red X on the gui
- Bugfix #1979, Watchdog, _watchdog::watchdog_check 9901 ASLCommon::cmd_system ERROR: '/etc/init.d/psmon restart (1)'
- Bugfix #1991, cpanel remote rule support
- Bugfix #2001, Firewall, detect if VPS supports low number of rules
- Bugfix #2002, Firewall, add locking to ASL firewall to prevent overlap with asl-shun events on long policy loading.
- Bugfix #2020, Rootkit detection, replaced exits in rkhunter_check with returns
- Bugfix #2022, DoS, correct mod_evasive24 whitelist condition
- Bugfix #2024, Kernel, Runtime module loading: fixed [FIXED]
- Bugfix #2076, Firewall, prevent /32 from being added to /etc/asl/whitelist
- Bugfix #XXXX, Cpanel, for cpanel's use of ~/.my.cnf.
- Bugfix #XXXX, HIDS, for custom rule support in OSSEC. This restricts rule removal to just asl channel ossec files.
- Bugfix #XXXX, for SSL settings to handle "custom" condition (alert but dont fix) and ASL Web unable to handle + in a named field. Additionally for backwards compatibility we are maintaining APACHE_SSLPROTOCOL as TLS+SSLv3 and TLS/SSLv3
- Bugfix #XXXX, Firewall, the ratelimit hitcount has a max ceiling of 20, unless kernel modules are manipulated. This fix will lower this to 20 if a higher value is selected.
- Bugfix #XXXX, cpanel, for Cpanel clamav integration on EL7
- Bugfix #XXXX, cpanel, automatic exclusion for virtfs in the real-time malware detection system.
|