ISPConfig available for testing


Today I would like to introduce a pre relaese of the upcoming version to a broader audience.

What's new in ISPConfig

This release introduces some interesting new security features and fixes several bugs in the remote API.

Intrusion Detection System

The ISPConfig interface now contains a IDS System to protect it against unknown threats and
vulnerabilitys. The IDS System consists of a scan engine for POST, GET, COOKIE and SESSION
variables based on PHPIDS and a SQL query scanner to detect SQL injection attacks.

The IDS system does not replace any of the input and variable checks that are implemented in ISPConfig,
the IDS adds a more generic check for all incoming variables in ISPConfig to build a second defence line.

For now, the IDS system is configured to add warnings in the ISPConfig System log only and not to block attacks.
If you like to block attacks in this version, set ids_block_level to a value between 5 and 20 in the
security_settings.ini file. The checks are quite strict and we will probably have to whitelist some addditional
variables to avoid false positive warnings to customers. Therefor I would like to ask you to help us to copmplete
the whitelist.

How whitelisting works:

The IDS writes all alerts in whitelst file format to the file /usr/local/ispconfig/interface/temp/ids.log
and the full warning message to the ispconfig system log in the interface. If you find that a alert is
a false positive, then please post the alert message and line from ids.log here in the forum so we can check
that and add it to the official whitelist.

You can find a detailed description on the IDS settings in the security README file in the
/usr/local/ispconfig/security/ folder.

Note: This pre release reports itsellf still as, so dont be worried if you dont see a
new version number.

Detailed Changelog

=]ISPConfig::ISPConfig 3: Tasklist


Update instructions

cd /tmp
rm -rf /tmp/ispconfig3_install
tar xvfz ISPConfig-3.0.5-rc2.tar.gz
cd ispconfig3_install/install
php -q update.php