Blog
New WAF rule class
March 31, 2011
Written by: Michael Shinn
We’ve added a new rules class to the WAF “untrusted code content”. Untrusted code rule classes allows us to detect cases where web code may be allowed, but will still be inspected to determine if its malicious. This allows for a more nuanced approach to cross site scripting attack protection, that significantly reduces false positives […]
Cpanel Beta now Available
March 8, 2011
Written by: Scott Shinn
Among other developments in the 3.0 branch is our initial foray into support for cpanel. As long time users have known, ASL has supported just about every CP (Plesk, Interworx, DirectAdmin, even Ensim) out there except the all-source builds like cpanel. We’ve managed to assemble a mostly RPM based ASL distribution for Cpanel systems, […]
A quick 3.0 update
February 23, 2011
Written by: Scott Shinn
If you follow the forums you’ve probably already seen these screenshots of ASL 3.0. I figured a repost on the website wouldnt hurt for any newcomers curious about some of the things in store for 3.0: File Integrity Checks Starting first with file checks, this is a major update to visualizing changes on the […]
Portal and other changes
December 29, 2010
Written by: Scott Shinn
We just finished up some (very, very) overdue updates to the support portal. The first is probably one of the more popular user requests to create support portal accounts that line up to the ASL user ID. Previously we had maintained a policy of separate portal portal accounts to allow users to have multiple tiers […]
Kernel vulnerabilities, Twitter updates, and FCGI
September 17, 2010
Written by: Scott Shinn
Kernel News Brad Spender of Grsecurity fame gave me the heads up earlier on a few kernel exploits that are on their way to being published in the wild. If you track this kind of thing, you might have seen this post at The Register about one of them already. Its a neat bug in […]
ASL 2.2.11 updates, twitter, and more
September 13, 2010
Written by: Scott Shinn
A few random project updates: nikto was updated to 2.1.3. This is a basic web application vulnerability scanner, theres another we’ve been meaning to package called w3af. Looks promising openvas-manager was updated, with more fixes. This is a minor update in a series to support the greenbone security administrator (GSA) on centos 5. clapf, an […]
ASL 2.2.11-0.1, and Kernel updates
September 3, 2010
Written by: Scott Shinn
ASL 2.2.11-0.1 is now available in the [asl-2.0-testing] channel. This update includes some minor bugfixes for ASL Web, and ossec configuration generation. New features (at this time) are in cleaning up old rule updates which will now default to being stored for 7 days. Larger structural changes have been completed to support new vulnerability checking […]
Vulnerability Scanner improvements
August 31, 2010
Written by: Scott Shinn
One of the larger efforts for the ASL 3.0 series is to include a more robust vulnerability detection system. With ASL 2.x we focused on more implementation specific vulnerability detection, an area we felt was (and still is!) underserved with standard vulnerability scanning technology. Thats a discussion for another day I think. Anyway, with the […]
OSSEC and Agent mode improvements
August 27, 2010
Written by: Scott Shinn
OSSEC is under heavy development upstream, and we’ve been helping them out where we can. This week it was getting into the malware detection database / updating the rootkit lists, and today nailing down some issues with OSSEC (and ASL) in agent mode. The current 2.4.1 builds dont handle restarts/reloads if they’re deployed as an […]
Kernel Updates, and PHP FPM
August 25, 2010
Written by: Scott Shinn
Today was all about nailing down the 2.6.32.19 kernel update. Upstream** made quite a few changes that believe it or not were effecting ioncube loader from the kernel side. I know I mentioned this before, but this is exactly why building community packages pays off for our security products. Its like the ultimate QA process […]
« Previous 1 2 3 4 Next »
