store | blogs | forums | twitter | facebook | wiki | mailing lists | downloads | support portal
Atomic Secure Linux
It is currently Wed Apr 16, 2014 8:48 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 10 posts ] 
Author Message
 Post subject: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 3:52 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3545
Location: Chantilly, VA
We are proud to announce the release of version 3.0 of Atomic Secured Linux!

For those of you new to ASL, Atomic Secured Linux(tm) is an out-of-the-box Unified Security Suite for Linux(tm) systems designed to protect your servers against both known and unknown threats. ASL is always kept up to date through its internal update management system. Unlike other security solutions, ASL works by combining security at all layers, from the Kernel all the way up to the application layer to provide the most complete protection available for Linux servers and helps to ensure that your system is compliant with commercial and government security standards.

ASL includes built in firewalling, secure kernel, automated system lockdown and hardening engine, userspace and host Intrusion Prevention Systems (IPS), malware/rootkit detection and elimination, vulnerability scanner, blacklisting technologies and the most widely used web application firewall on the market. All designed to protect multiuser, virtualization, cloud and web hosting environments like no other solution. ASL is uniquely effective at addressing multiple emerging threats posed by vulnerabilities in todays complex systems and applications, such as web hosting environments, multiuser systems, CRM's, blogging software, forums, shopping carts, Content Management systems, custom applications and so much more!

New Features in 3.0:

New ASL Dashboard consolidates Attack & Event summary, Module Status, Load monitor and RSS feed.

New operating systems supported:

Cloudlinux 5
Scientific Linux 5 & 6
CentOS 6
Red Hat Enterprise Linux 6
Xen virtualization (as a guest OS)

New control panels supported:

CPanel
Directadmin
Interworx

New online documentation system:

All ASL Web, rule ID's are now linked to their documentation page.
This will allow you to click on the event ID to find out more about what this event is, what causes this event to occur, and what actions, if any, you may need to take. For example, if the Web Application Firewall event 340162 is triggered, you can click on “340162” in the GUI and you will be able to read more about that type of attack, how to tune your system if its a false positive and so much more!

Firewall Rule Management System:

An advanced rule management system that will import your existing rules into a powerful web based interface
Use with, or without third party firewalls. All your firewalling needs can now be addressed from ASL.
Works with existing firewalls, no need to replace what you already using

HIDS (Host Based Intrusion Detection) Rule Manager:

Modify the Active Response policy globally or per rule
Change Severity Level per rule
Activate/Deactivate Logging per rule
Enable/Disable Email alerts per rule

WAF (Web Application Firewall) Rule Manager:

Rules can be enabled/disabled globally or by virtual domain.
Rules can be set to different severity levels,
Rules can have their base response policy elements modified to include shunning, email alerts, and logging.

Intelligent Repeat Offender blocking:

ASL will intelligently modify block times based on the recurrence of attacks from a particular source. This will allow your system to treat “one time” offenders differently from repeat attackers, properly blocking real malicious users from launches new attacks.

New File Integrity management system:

Web based GUI Interface that allows for list or tree view sorting.
"Notify" lists, this allows notifications to be sent to different email addresses for change alerts to different files.
"Watch" configuration, allows for the definition of what files or directories the system will monitor for changes. Configuration options allow for real-time monitoring, user/group ownership changes, permissions, checksum, and diff reporting. Diff reporting will include the changes made to the file in the body of the alert message for ascii files.
"Ignore" lists, allows for files or directories to be explicitly ignored from monitoring.

Event Manager enhancements:

Lists source of events, for multi agent configurations
Allows for searching for any string in the data field
Ties directly into the rule manager
Supports False Positve & False Negative reporting

New Report Generation System:

Failed logins in the last 24 hours, 72 hours, and 30 days
Top Stats; Events by Level, Alerts in the last 24 hours, and Top alerts in the full history
Top Web Attackers in the last 24 hours, and the total number of attacks in the last 7 days

ASL Web User Manager:

Role Based Access control for ASL Web Users
Audits logins by ASL Web users
Role Manager allows for setting what components an ASL Web user can have access to. Including View Only and Modify options

New kernel policy manager:

Trusted Path Execution
Enable/Disable Privileged IO
Audit Mount, Chdir, Ptrace, and Text relocation events
Control Chroot permissions on chmod, chroot, fchdir, capabilities, mknod, mount, sysctl, nice and findtask
Audit exec() events inside a chroot
Audit exec() activity by userid
Control "Server" class users, users in this group can only act as servers (IE: no outbound connections allowed)
Control "Client" class users, users in this grop can only access as clients (IE: cannot create services for inbound connections)
Control "Socket" class users, users in this group can act as neither clients nor servers.

New attack detection and prevention features:

New Web “slow” DOS protection added
New brute force detection and protection system added

New Application Inventory system thats faster and quicker.

Release Notes:

https://www.atomicorp.com/wiki/index.ph ... ease_Notes

To Upgrade:

Follow the process here:

https://www.atomicorp.com/wiki/index.php/Upgrading_ASL

If you don't have ASL, get the latest version of ASL and Secure Your Server Now!

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 4:28 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Apr 14, 2008 8:29 am
Posts: 296
Location: Rhode Island
Sweet.... Only question i have does 3.0 require php 5.3? I have to stay on 5.2 branch a little longer and do not want to hose anything if i upgrade to 3.0 becuase we are still on php 5.2.


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 4:38 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7774
Location: earth
No it does not require PHP 5.3. It should be fine with any RPM based version of PHP, we've tested it on the default versions on EL4, EL5, and EL6 as well as the atomic 5.2 and 5.3 branches


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 5:33 pm 
Offline
Forum Regular
Forum Regular

Joined: Thu May 07, 2009 12:46 pm
Posts: 258
hmmm after upgrade can't acces asl web-gui anymore!
it seems to be gone no asl-httpd?


Code:
Package 1:asl-web-3.0-1.el5.art.x86_64 already installed and latest version


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 6:18 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3545
Location: Chantilly, VA
asl-httpd is now called tortixd. If you can not access your GUI, first check the troubleshooting checklist:

https://www.atomicorp.com/wiki/index.ph ... leshooting

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 7:04 pm 
Offline
Forum Regular
Forum Regular

Joined: Thu Jan 17, 2008 5:48 pm
Posts: 124
Similar problem as DarkF@der but I do get the new login screen and enter the username/password and then nothing, just hangs there. Went through the trouble shooting as suggested and all looks ok but no joy.

Thanks


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 7:10 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3545
Location: Chantilly, VA
Did you flush your browsers cache? Also, doublecheck that asl is fully upgraded with a "yum upgrade" and an "asl -s -f".

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Tue Jul 19, 2011 7:16 pm 
Offline
Forum Regular
Forum Regular

Joined: Thu Jan 17, 2008 5:48 pm
Posts: 124
Thanks :)


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Wed Jul 20, 2011 6:59 am 
Offline
Forum User
Forum User

Joined: Sun Dec 12, 2010 1:26 pm
Posts: 15
Great stuff, however I can no longer login to the web panel for ASL. Seems none of the accounts we had setup for this work. This may be a problem related to our account via hosting reseller, but I was wondering if I can update the login details from within the command line manually?

Thanks again

Ciaran


Top
 Profile  
 
 Post subject: Re: [asl-3.0] ASL 3.0 Release Announcement
Unread postPosted: Wed Jul 20, 2011 11:16 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3545
Location: Chantilly, VA
Quote:
Great stuff, however I can no longer login to the web panel for ASL. Seems none of the accounts we had setup for this work. This may be a problem related to our account via hosting reseller, but I was wondering if I can update the login details from within the command line manually?


Please see the release notes:

https://www.atomicorp.com/wiki/index.ph ... ease_Notes

"The Authentication system in ASL Web has changed. Your ASL Username & Password is now the default login. This can be changed from the User manager interface, or from the command line using: /var/asl/bin/asl-web-setup or /var/asl/bin/asl-web-passwd <username>"

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 10 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group