Atomic Secured Linux 2.2.1 Released Print E-mail
Sunday, 13 September 2009 08:09
We are proud to announce the latest release for our flagship Atomic Secured Linux product, the latest in unified threat management systems.  Atomic Secured Linux(tm) is an out-of-the-box Unified Security Suite for Linux(tm) systems designed to protect your servers against both known and unknown threats. It is distributed through a subscription yum channel ensuring that ASL is always kept up to date. Unlike other security solultions, ASL works by combining security at all layers, from the Kernel all the way up to the application layer to provide the most complete protection available for Linux servers and helps to ensure that your system is compliant with commercial and government security standards. ASL includes the most hardened kernel on the market, automated system hardening techniques, userspace and host Intrusion Prevention Systems (IPS), malware/rootkit detection and elimination, blacklisting technologies and web application firewalling to protect multiuser and web application hosting environments like no other solution. ASL is uniquely effective at addressing emerging threats posed by vulnerabilities in todays complex systems and applications, such as web hosting environments, multiuser systems, CRM's, ERPs, forums, shopping carts, Content Management systems and custom applications. ASL

 

Changelog:

  • Added routine to remove legacy psaadm from sudoers
  • OSSEC-HIDS 2.2 is now a requirement
  • Lowered Denyhosts disabled check from critical to high
  • Added asl-web-passwd utility, a command line tool to reset the ASL Web password for users.
  • Added asl-web-setup, a utility for configuring ASL Web
  • Corrected circumstantial js error in security events when changing filter options on a display page other than 1
  • Added routine to test for ASL Web being configured, the web interface will now report this case


Bugfixes:

- Bugfix #XXX, on Denyhosts being disabled check, would report "enabled" when it was failing
- Bugfix #XXX, Fixed typo in psa_check to show correct path to password.report
- Bugfix #XXX, Fixed typo in asl-config.xml, that was assigning $EMAIL to a boolean
- Bugfix #XXX, Fixed condition with Geoblocking where the interface would not display if there was a blank line in the database
- Bugfix #XXX, Fixed typo on OSSEC_NOTIFY in asl-config.xml
- Bugfix #XXX, Fix for typo in ssh_check banner test
- Bugfix #217, passwords in the web gui are now limited to a-z, A-Z, 0-9, _, ! and -
- Bugfix #219, password auth check now reports pass if password auth is disabled.
- Bugfix #221, Configuration updates now lint from 2.0 -> 2.2 configuration values correctly.
- Bugfix #228, Added detection & upgrade event for ASL-Web-Gui -> ASL Web to force the yum upgrade
- Bugfix #229, Changed mode on /etc/cron.d/asl to 644
- Bugfix #230, ADMIN_USERS changed from "" to "undefined". This is condition is now properly ignored.
- Bugfix #237, added a field to the gui config interface for the HOSTNAME variable, as well as an upgrade event to populate it
- Bugfix #238, fixed updater issue for modsecurity rules, where an update would appear to have been applied when it was not.
- Bugfix #240, resolved issue with php_checks reporting vulnerabilities that were corrected by "fix" mode
- Bugfix #241, Corrects display issue in blacklist and whitelist windows when removing all entries


Upgrading to 2.2.1:

1) Ensure that you allow mysql connections from localhost, and that
skip-networking is not set in /etc/my.cnf

2) yum upgrade

3) asl -s -f

4) Log in to the web interface on port 30000 with your web browser at https://<IP>:30000



Installing on a clean system:
1) wget -q -O - http://www.atomicorp.com/installers/asl |sh

2) Log in to the web interface on port 30000 with https://<IP>:30000

Share/Save/Bookmark
 

Add comment


Security code
Refresh