Search found 74 matches
- Fri Jun 02, 2017 3:21 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Removing ASL tries to remove needed dependencies
- Replies: 3
- Views: 11733
Re: Removing ASL tries to remove needed dependencies
Can you send us the output of the uninstaller at support@atomicorp.com? Also, we're releasing the Ubuntu version of ASL this summer. Would you like to sign up for the early beta? also, kernel aside, how does ASL compare to Trend Micro Deep Security? do you have any ansible scripts for installing an...
- Fri Jun 02, 2017 3:11 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Removing ASL tries to remove needed dependencies
- Replies: 3
- Views: 11733
Re: Removing ASL tries to remove needed dependencies
done. yes pls sign me up for the early beta.mikeshinn wrote:Can you send us the output of the uninstaller at support@atomicorp.com?
Also, we're releasing the Ubuntu version of ASL this summer. Would you like to sign up for the early beta?
- Fri Jun 02, 2017 1:42 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Removing ASL tries to remove needed dependencies
- Replies: 3
- Views: 11733
Removing ASL tries to remove needed dependencies
I would like to ideally remove ASL from a CentOS 6.9 system. When I follow the instructions , it tries to remove for dependencies packages from @base, @updates, @epel and worst, @virtualmin and @virtualmin-universal. It doesn't seem that the dependencies are being properly calculated. Maybe I should...
- Thu Oct 29, 2015 3:51 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Atomicorp rules on Debian 7.7
- Replies: 6
- Views: 14390
Re: Atomicorp rules on Debian 7.7
Windows will be first, we're working on that right now. Then there be more work next quarter after that on the debian/suse/ubuntu WAF product (ie this is what we include on plesk now, making this more flexible, etc), which builds some dependencies for ASL on debian/ubuntu/suse. might be forking our...
- Sat Oct 10, 2015 3:39 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: New Wordpress XML-RPC Attack
- Replies: 9
- Views: 8910
Re: New Wordpress XML-RPC Attack
Well for this specific attack, and only this one, you could get away with not turning it on. But in general brute force attacks are stopped better if you can enable all of these. The TI rules are stopping 75% of the attacks we see, so we highly recommend enabling them. Thanks for the clarification....
- Fri Oct 09, 2015 7:37 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: New Wordpress XML-RPC Attack
- Replies: 9
- Views: 8910
Re: New Wordpress XML-RPC Attack
Yes. If you have these rulesets enabled: https://www.atomicorp.com/wiki/index.php?title=ASL_WAF#MODSEC_00_THREAT https://www.atomicorp.com/wiki/index.php?title=ASL_WAF#MODSEC_03_DOS https://www.atomicorp.com/wiki/index.php?title=ASL_WAF#MODSEC_12_BRUTE Note: If you use litespeed it doesnt support o...
- Fri Oct 09, 2015 12:58 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: New Wordpress XML-RPC Attack
- Replies: 9
- Views: 8910
- Mon Aug 10, 2015 1:52 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ROOTKIT Detection and Prevention
- Replies: 6
- Views: 8348
Re: ROOTKIT Detection and Prevention
Warning: Suspicious file types found in /dev: /dev/.udev/db/input:event4: ASCII text /dev/.udev/db/input:event0: ASCII text /dev/.udev/db/input:js0: ASCII text /dev/.udev/db/input:event3: ASCII text /dev/.udev/db/input:mouse2: ASCII text /dev/.udev/db/input:event1: ASCII text /dev/.udev/db/input:ev...
Re: Ansible
I meant an Ansible recipe for installing ASLbreun wrote:You can install the ansible package from the EPEL repository.
Re: Ansible
I also would like to use Ansible to deploy ASL. Or at least parts of it.breun wrote:Something for the atomic repository?
http://ansible.github.com/Ansible is a radically simple model-driven configuration management, deployment, and command execution framework.
- Wed Jul 01, 2015 11:55 am
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Atomicorp rules on Debian 7.7
- Replies: 6
- Views: 14390
Re: Atomicorp rules on Debian 7.7
Yes, we're planning on expanding into several other platforms, including debian, ubuntu, and windows. Currently we're working on expanding the WAF into Windows server systems. do you think debian or ubuntu will come first? and the natural follow up question, is there a rough estimate for when it wo...
- Tue Jun 30, 2015 10:31 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Atomicorp rules on Debian 7.7
- Replies: 6
- Views: 14390
Re: Atomicorp rules on Debian 7.7
Is Debian support planned for ASL entirely or just modsec?scott wrote:We do not have any .deb packages at this time, its something we're planning on having soon though.
- Tue Apr 21, 2015 10:51 am
- Forum: Atomic Protector (formerly ASL)
- Topic: How to block this threat?
- Replies: 0
- Views: 3260
How to block this threat?
Even if just for the fact that it spiked up resource usage to the point that I got an alert, I would like to stop these attacks: HEAD /?MDM0OTEwOTQzOTIwMzQwMTUwMDEwODc1MTI1NDQ0MDEzMDIxNzE1ODA0NDc0NzY2ODgxOTg5MzE5MDA3MDQ5Mjk3MjI0MDExNTE0NDE1MzkxMjMyNjAyOTM1MDUwMTY3NTE5MzEzNDI3NTIyNjAwMjg5MTU5ODA3MDQy...
- Sun Mar 22, 2015 9:55 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Blocking by rDNS' third level domain
- Replies: 9
- Views: 8661
Re: Blocking by rDNS' third level domain
Can you share your access logs with me, I'll see what we might be able to do on the RBL side as well. Since we can create as many RBLs as you can imagine, I'm thinking we might create some RBLs for things like "impolite bots" similar to the spammer RBLs and others we already have. PM me a...
- Fri Mar 20, 2015 2:26 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Blocking by rDNS' third level domain
- Replies: 9
- Views: 8661
Re: Blocking by rDNS' third level domain
We could add in a capability to make the lookups non-verified (the PTR doesnt have to match the A) - or both (you decide how verified it needs to be). This would only work on ASL systems so if thats something you'd like we can add it into the FRs and see about rolling it out next week. That would b...