Atomic Secured Linux™ 4.0.2 (Pineapple)

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Post Reply
Kalimari
Forum Regular
Forum Regular
Posts: 526
Joined: Wed Jan 02, 2008 3:21 pm
Location: United Kingdom

Atomic Secured Linux™ 4.0.2 (Pineapple)

Unread post by Kalimari »

Followed the instructions to update ASL to 4.0.2, ran: aum -uf

Code: Select all

Checking versions ... 

	Updating ASL Core: successful                      [PASS]
	Updating ASL Kernel
	  Kernel:                                          [PASS]
	Updating APPINV to 201402101531: updated           [PASS]
	Updating CLAMAV to 201406031027: updated           [PASS]
	Updating GEOMAP to 201406031025: updated           [PASS]
	  Updating map data
	  (this may take several minutes): updated         [PASS]
	Updating MODSEC to 201406030839: updated           [PASS]
	    Antievasion Ruleset: updated                   [PASS]
	    Slow Denial of Service Protection: updated     [PASS]
	    Exclude Ruleset: updated                       [PASS]
	    Anti-Malware Ruleset: updated                  [PASS]
	    Generic Attack Ruleset: updated                [PASS]
	    Brute Force Protection Ruleset: updated        [PASS]
	    Malicious Useragents Ruleset: updated          [PASS]
	    Anti-Spam Ruleset: updated                     [PASS]
	    Rootkit Detection Ruleset: updated             [PASS]
	    Reconnaissance Attacks Ruleset: updated        [PASS]
	    Data Leak Prevention Ruleset: updated          [PASS]
	    Just In Time Patches: updated                  [PASS]
	    Basic Malware Removal Ruleset: updated         [PASS]
	    Malicious Output Detector: updated             [PASS]
	    Web Malware Upload Scanner: updated            [PASS]
-------------------------------------------------------------------------------
Errors were encountered:

L CODE SOURCE                        MESSAGE
- ---- ----------------------------- ------------------------------------------
2 9901 ASLCommon::cmd_system         ERROR: '/usr/sbin/apachectl -t >/dev/null 
                                     2>&1 (1)'
2 9901 ASLCommon::cmd_exec           ERROR: '(1) /usr/sbin/apachectl -t 2>&1 --
                                      Syntax error on line 25 of /etc/httpd/mod
                                     security.d/tortix_waf.conf:||SecReadStateL
                                     imit takes one argument, maximum number of
                                      threads in READ_BUSY state per ip address
                                     '
2 601  c_modsec::apply_rules         There is a problem with the apache config:
                                      Syntax error on line 25 of /etc/httpd/mod
                                     security.d/tortix_waf.conf:; SecReadStateL
                                     imit takes one argument, maximum number of
                                      threads in READ_BUSY state per ip address
2 601  c_modsec::apply_rules         There is a problem with the apache config:
                                      Rolling back to the previous update
3 600  c_modsec::apply_rules         Errors occurred with Apache
Fixed the problem by removing duplicate "SecReadStateLimit" on line 25 and duplicate "SecWriteStateLimit" on line 26 of /etc/httpd/modsecurity.d/tortix_waf.conf

re-ran aum -uf and it proceeded without error. Look forward to enhanced security with shared reputation reporting enabled!

PS: Nice touch that apache wasn't restarted when an error was detected 8)
Last edited by Kalimari on Wed Jun 04, 2014 4:15 am, edited 1 time in total.
Top
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: Atomic Secured Linux™ 4.0.2 (Pineapple)

Unread post by mikeshinn »

Followed the instructions to update ASL to 4.0.2, ran: aum -uf
https://www.atomicorp.com/wiki/index.ph ... 0_to_4.0.x

I think you just missed a step, did you run:

asl -s -f

After running "aum -u"? You'll need to do that to set the new settings, but its fail safe if you forgot.
Look forward to enhanced security with shared reputation reporting enabled!
Oh yeah, we're going gang busters with that.
PS: Nice touch that apache wasn't restarted when an error was detected 8)
Do no harm! :-)
Top
Kalimari
Forum Regular
Forum Regular
Posts: 526
Joined: Wed Jan 02, 2008 3:21 pm
Location: United Kingdom

Re: Atomic Secured Linux™ 4.0.2 (Pineapple)

Unread post by Kalimari »

mikeshinn wrote:I think you just missed a step, did you run:

asl -s -f

After running "aum -u"? You'll need to do that to set the new settings, but its fail safe if you forgot.
The error occurred during aum -uf, a problem with tortix_waf.conf was detected, so didn't get as far as running asf -s -f.
Just thought you might like to know about the errors "SecReadStateLimit" on line 25 and duplicate "SecWriteStateLimit" on line 26 of tortix_waf.conf and what fixed it for me.
All good now...
Top
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: Atomic Secured Linux™ 4.0.2 (Pineapple)

Unread post by mikeshinn »

When you upgrade, just make sure you do this:

aum -u

asl -s -f

That last step sets the new configuration options, it doesnt happen on -u. And thats all you needed to do.
Top
Post Reply

Return to “Atomic Protector (formerly ASL)”