Announcing the release of Atomic Secured Linux 5.0.2 - Atomicorp - Unified Security Built on OSSEC

Announcing the release of Atomic Secured Linux 5.0.2

Atomicorp is proud to announce the release of ASL™ 5.0.2! A next generation server security solution that addresses the unique security problems of servers. ASL™ 5.0.2 is an update driven by customer feedback and is part of Atomicorp’s commitment to deliver the latest product updates in one convenient installation. Atomic Secured Linux™ is the only complete solution available to secure your Redhat™, Centos™ and CloudLinux™ systems from hackers and compromise.

Complete Intrusion Prevention

ASL™ stops attackers before they can even get on your system. Web Attacks, Shells, Denial of Service, Rootkits, Brute Force attacks, you name it, ASL™ stops it cold. We make preventing intrusions easy.

Designed for novices and experts

ASL™ is designed to be easy to install and use. No security experience required but powerful enough for experts too.

Automatically remove hackers from your websites

If your web sites have already been compromised, ASL™ will remove malicious code and hackers automatically. Our proprietary technology removes web compromises in real time, without touching the web application. Its the perfect solution with no risk to your web sites.

Real Time Threat Intelligence

Join the Herd! ASL™ includes a Herd Defense, a system that collects real time attack information from thousands of systems around the world and shares it instantly with every system running ASL™, automatically blocking attackers before they can attack your systems!

Works with Redhat, Centos, CloudLinux and all major Control Panels

ASL™ is supported with Redhat, Centos or CloudLinux systems, all major web servers (Apache, NGINX, Litespeed, Tomcat and others) and if you use a control panel for your system, ASL™ also works with cPanel, Plesk, Webmin and more.

Lower your support costs

ASL™ lowers support costs by up to 80% by eliminating intrusions, automatically removing compromises and automating incident response. Freeing up your support staff and dramatically lowering costs.

Real Time Malware Protection

ASL™ prevents malware in real time, stopping rootkits, web shells, spam bots and other malware dead.

Get off the patching treadmill

ASL™ includes our proprietary Virtual Patching technology that prevents vulnerabilities in your web applications from being exploited, eliminating the need for you to worry about patching your system.

DevOps Friendly

Designed to also work in DevOps environments such as Puppet, SaltStack, Ansible and others.

Free Trial

Not sure if Atomic Secured Linux™ is right for you? Download ASL™ and try it free for 10 days. Theres no obligation or credit card required.


Installation Instructions

Please follow the instructions at this link.

Upgrade Instructions

To upgrade, just run these commands as root:

1) aum -uf

2) asl -s -f

New Features

This release includes a redesigned interface providing clearer presentation of information.

This release also introduces support for version 4.4 of the Linux kernel, OSSEC 2.9, Docker, Multi-PHP, and CPanel EasyApache 4.

Full changelog:

Feature Requests
- Feature Request #1641, Enhanced active response
- Feature Request #1747, Raised limits in tortixd.conf if configured as a local T-WAF
- Feature request #1876, Added lua rule checks to waf report
- Feature Request #1955, Lints whitelist for valid IP's and CIDR blocks
- Feature Request #2037, For UseDNS off on cpanel systems
- Feature Request #2050, Configures OSSEC HIDS HELO message
- Feature Request #2055, Adds support for Openvz/Virtuozzo Linux 7.0
- Feature Request #2067, Adds SSLCertificateChainFile to the T-WAF configuration options
- Feature request #2095, Adds ASL Web Help dialog
- Feature Request #2096, Adds AllowTCPForwarding check
- Feature Request #2102, Adds AllowX11Forwarding check
- Feature Request #XXXX, Adds support for user defined per-rule active responses
- Feature Request #XXXX, Adds support for a user defined list of logs to monitor
- Feature Request #XXXX, Dynamic scaling for real-time filesystem monitoring inotify watches
- Bugfix #1782, Plesk, fix scoreboard file in proftpd on plesk 12+
- Bugfix #1714, HIDS, do not monitor files that are symbolic links. Prevents event duplication
- Bugfix #1829, Watchdog, only activate psmon if it has services to monitor
- Bugfix #1863, Vulnerabiltiy Report, suppress lsof warnings during ASL Report
- Bugfix #1897, ASL Web, Condition added in ASLWWindow.waf_config.js to capture input for f_am_local_port
- Bugfix #1906, WAF, add bzip2 and libapache2-modsecurity as debian/ubuntu dependencies
- Bugfix #1924, ALLOW_eval setting has no effect. This is not a function, and thus, cannot be disabled
- Bugfix #1944, Malware Detection, cpanel ftp upload scanner
- Bugfix #1947, Auditdir and Tmp dir for WAF were immutable
- Bugfix #1949, Vulnerability scanner, Error: could not find general_firewall_ftp_mod
- Bugfix #1962, remove duplicate hmac lines
- Bugfix #1978, Firewall, alert if the asl-firewall service is disabled and show a big red X on the gui
- Bugfix #1979, Watchdog, _watchdog::watchdog_check 9901 ASLCommon::cmd_system ERROR: '/etc/init.d/psmon restart (1)'
- Bugfix #1991, cpanel remote rule support
- Bugfix #2001, Firewall, detect if VPS supports low number of rules
- Bugfix #2002, Firewall, add locking to ASL firewall to prevent overlap with asl-shun events on long policy loading.
- Bugfix #2020, Rootkit detection, replaced exits in rkhunter_check with returns
- Bugfix #2022, DoS, correct mod_evasive24 whitelist condition
- Bugfix #2024, Kernel, Runtime module loading: fixed [FIXED]
- Bugfix #2076, Firewall, prevent /32 from being added to /etc/asl/whitelist
- Bugfix #XXXX, Cpanel, for cpanel's use of ~/.my.cnf.
- Bugfix #XXXX, HIDS, for custom rule support in OSSEC. This restricts rule removal to just asl channel ossec files.
- Bugfix #XXXX, for SSL settings to handle "custom" condition (alert but dont fix) and ASL Web unable to handle + in a named field. Additionally for backwards compatibility we are
 maintaining APACHE_SSLPROTOCOL as TLS+SSLv3 and TLS/SSLv3
- Bugfix #XXXX, Firewall, the ratelimit hitcount has a max ceiling of 20, unless kernel modules are manipulated. This fix will lower this to 20 if a higher value is selected.
- Bugfix #XXXX, cpanel, for Cpanel clamav integration on EL7
- Bugfix #XXXX, cpanel, automatic exclusion for virtfs in the real-time malware detection system.