ASL Lite is a new lightweight rule updater project designed specifically as an ASL rule downloader for custom apache environments, control panel software like cpanel and directadmin, or non-apache/mixed web server implementations. ASL Lite supports a guided dialog similar to the standard asl configuration, that allows for the definition of custom commands for restarting web services, location of configuration files, and use via cron.

We are proud to announce the latest release for our flagship Atomic Secured Linux product, the latest in unified threat management systems. Atomic Secured Linux(tm) is an out-of-the-box Unified Security Suite for Linux(tm) systems designed to protect your servers against both known and unknown threats. It is distributed through a subscription yum channel ensuring that ASL is always kept up to date.

Atomicorp is proud to announce the release of version 2.2.2 of Atomic Secured Linux. Our full service security suite for Linux based systems.

We are proud to announce the release of Atomic Secured Linux 2.2.1 the latest version of our cutting-edge Unified Security solution for servers.

We've setup a twitter feed for our subversion system. When we put out new rules you'll get a tweet. You can follow us here:

GotRoot/Atomicorp Real Time Rules Twitter Feed

Rogue devices, like unauthorized hosts or rogue APs got you down? Here are several free and powerful solutions to detect, stop and even quarantine rogue devices on your network.

ASL customers already have this built into ASL, but for those running the rules without ASL we have developed a stand alone rule updater/downloader:

Automatic Rule Updater (cache)

And the config file for the same:

Automatic Rule Updater Config file (cache)

Installation instructions are available here:

Installation Instructions (cache)

MD5 (cache) weaknesses have been known for some time now and security researchers have been recommending against its use for a few years, while predicting that a realistic attack was just around the corner. Research was published today that demonstrates that realistic attacks are possible now. The research deals with a proof of concept collision attack to create fake CA certificate using MD5. The researchers state that a knowledgeable attacker can fake a valid signature on a CA certificate, thereby making it possible to hijack the PKI used to sign SSL certs by pretending to be a valid CA. The researchers website MD5 considered harmful today (cache) has the details. In short, nothing important should use MD5 anymore.

For those that are not familiar with it, SRI has a great project called BotHunter?. Its a snort derivative using special rules and some SRI code to detect bots on your network and to anonymously share data with the BotHunter? folks. The installer is top notch and we really like what the project is doing. Check it out yourself at http://www.bothunter.net

Prometheus Group is proud to announce the release of Atomic Secured Linux 2.0, the latest version of our cutting-edge Unified Security solution for servers.

SANS ISC (cache) brings us a report (cache) of a new method spammers are using to put links into blogs using hidden text. We don't consider this a WordPress vuln, but rather a class of problems revolving around hidden test. This is very reminiscent of the iframe attacks using hidden iframes. In the spirit of making the world a nicer place, we're publishing Modsec rules to protect against this problem. You can download the rules from here. Right now its one rule, but as we discover other ways to protect against this we'll update the file. If you are running ASL or have a subscription to the real time rules, this is included in the latest update automatically.