The ASL clock module may not report the correct time due to the timezone not being specified in the php.ini. That is something we're working on automating in a future release. Also a frequently requested "warnings only" modifier has been added to asl from the command line. This is useful if you were looking to use it for a daily email report.
The internal update subsystem has been expanded to handle more internal component updates to include the ASL kernel, and waf module provided the UPDATE_TYPE setting is set to allow those updates.
- Add clock to ASL Web
- Add new update display fields to WAF updates, Rootkit Protection, and Shell protection
- Add in the -warn flag to only show warnings / failures in scan and/or fix mode
- Update to configuration verification engine, FIXED is only reported if a setting is the secure state. Otherwise the true vulnerablity level is displayed.
- Update to integrity checks, /etc/webmin is now ignored by default
- Feature Request #XXX, hids_check will now maintain the localtime file in chroot in accordance with /etc/localtime
- Feature request #532, add support for SecRequestBodyNoFilesLimit and SecRequestBodyInMemoryLimit
- Feature Request #709, add checks for suexec logs
- Feature Request #768, add support to rkhunter check to modify /etc/sysconfig/rkhunter
- Bugfix #XXX, php_check can now make insecure settings.
- Bugfix #XXX, update to asl_db_rotate to handle rotating larger database sizes (1+ million rows)
- Bugfix #XXX, tortixd rule reloading is moved out from the ASL Web interface, and into a queue system. This prevents the thread from dying in an interactive session.
- Bugfix #289, correct SMTP_AUTH plesk password checks to map to valid mailboxes. Correct output of plesk FTP check to show pass word column in order
- Bugfix #496, detect /var/log/snort/alert
- Bugfix #735, hids/waf checks for whitelists under 255 would always report 255 or greater
yum upgrade asl asl-web