ASL 1.0 Release
Tuesday, 19 June 2007 17:12

A progress report on ASL 2.0 so far. The test release of the web interface is about 75% complete. Screenshots are available here:
  • Dashboard
  • Viewing an Event (this is of a spammer looking for an open proxy)
  • Basic configuration interface

Before I go any further, I just want to thank all the testers out there who have been contributing to the pre-release. ASL is an extremely complex system, and we couldn't have gotten this far without their help.


In case you were wondering, once this is complete, I'm going to change the release version to "2.0"...

ChangeLog:

* Sun Jun 17 2007

  • Version 0.9.5-1
  • Update routines for modsecurity and ossec rules

* Sat Jun 16 2007

  • Version 0.9.4-4
  • updated config routine for ossec client mode support
  • dropped ossec-hids-server requirement
  • New Config Setting: OSSEC_SERVER
  • Rewrote SSH config settings
  • Major updates to support logging, improved logic in ssh module
  • Added simple reporting module

* Thu Jun 14 2007

  • Version 0.9.3-1
  • Added xt_tcpudp check to asl-mod init script
  • create modsecurity audit logging dir
  • New Config Setting: MODSEC_AUDITDIR
  • Removed Config Setting: MODSEC_LOG404
  • Modified Config Settings: MODSEC_LOGFILE, MODSEC_DEBUGLOG, MODSEC_RESPONSEBODYLIMIT
  • Added support for Concurrent logging in mod_security
  • PHP checks now default to warn-only
  • Added config patch utility, and created a %post event to run it
  • Added OSSEC check to monitor mod_security audit logs
  • Disabled webapp inventory from asl by default, created/added this to a cron.daily event
  • Cleaned up configuration routine, added a one-time run of webapp inventory when this is executed.

* Thu May 31 2007

  • Version 0.9.2-1
  • quadrupled default modsec bodylimit (2.6m)
  • bugfix in configuration_settings.sh, should correctly disable php checks
  • updated init script to ensure firewall modules are loaded (xtables, owner, stealth, etc)
  • php_checks are either warn-only or fix mode
  • Improved disable_function regex

* Thu May 31 2007

  • Version 0.9.1-1
  • Bugfix on php module, this should handle Zend better

* Wed May 30 2007

  • Version 0.9-1
  • Bugfix on php module, that was wiping out safe_mode
  • Improvement on php module to detect Zend Manager extensions
  • Fix on ASL version detection for updates

* Tue May 29 2007

  • Version 0.8-1
  • Bugfixes on php routines
  • Modified ssh module to disable root logins only if admin users are defined
  • Disabled web app inventory (for now)
  • moved mod_sec module up to run right after the general web module

* Mon May 28 2007

  • Version 0.7-1
  • added basic configuration interface
  • bugfixes on php extension checks

* Thu Apr 5 2007

  • Version 0.5-1
  • webapp-inventory didn't create a database (fixed)
  • general_checks was detecting services because it looked for /etc/rc3.d/*; this fired on the K services as well as S (fixed)
  • ossec_checks, smtp_server was broken (missing > in regex). (fixed)
  • php_checks bug, pointing to wrong config file (fixed)

* Wed Apr 4 2007

  • Version 0.4-4
  • modsecurity module
  • added data/msa and data/suspicious dirs
  • built modsec 2.1.0, added Requires
  • mod_security ruleset level configuration
  • created data/templates directory to store mod_security generation template
  • created basic installer script http://atomicorp.com/installers/install-asl.sh
  • fixed issues with php detection

* Tue Apr 3 2007

  • Version 0.3
  • added in stops between modules, and -s (skip) flag
  • made a generic config

* Mon Apr 2 2007

  • Version 0.2
  • major redesign
  • Added in app inventory module

* Thu Mar 1 2007

  • Version 0.1, first cut