PatrolServer 1.0.1

Posted on

We at PatrolServer aim to increase security by decreasing vulnerability of public servers on the internet. Last week our product PatrolServer was released to the public in an open beta. This tool continuously monitors outdated software and exploits on your server and informs you.

During the last week, a lot of people have tried this tool and also provided us with vital feedback. We carefully listened to the complaints, suggestions and compliments and also tried to react to all of them. The feedback is greatly appreciated and we will continue to listen to any information of our early-adopters.

In this small timeframe we were able to address some of the comments raised and will implement other suggestions in upcoming releases. Keep your feedback flowing!

New features:

We upgraded our way to submit feedback from within PatrolServer itself by integrating Zendesk. This also has as nice feature that while we are online, we can chat with the original submitter to request more information or help immediately. Search for help or chat inside the tool.

chathelp

For the open beta we were focused on linux servers, since that is our domain and since most servers are served using linux servers. During the release we got some feedback to also support ASP.NET. Therefore we added preliminary support for ASP.NET. The extensiveness of this detection will improve in the future and also IIS is on the roadmap. Stay tuned while we add Microsoft support.

Improvements:

Some people seem to forget to add any servers or forget to verify their servers. As a result they didn’t get any reports or updates about the vulnerability of their server. To combat this, we now send a reminder to everybody that signed up but didn’t add any servers or forgot to verify their server.

The tool is adjusted to work on mobile phones. Here we must thank the people which reported the issues they had on their phones. Normally we should be fully responsive now!

We also added some extra security measurements, e.g. like a country lock. That should make your account even safer.

Full changelog:

  • Fix PHP error for older PHP versions with the PHP detector
  • Initial support for ASP.NET
  • Disable sending mails of outdated software to unverified servers
  • Add a priority to scanning of servers
  • Fix overlapping content on mobile
  • Add hostmaster as potential verification mailer
  • Implement Zendesk support in app
  • More aggressively detect php
  • Add mailer for empty accounts or not verified servers
  • Force ssl on login
  • Add second cpe name for nginx
  • Add outdated debian versions lenny, etch, sarge
  • Ubuntu support for lucid ended and for vivid started
  • Keep the cron working without overlap
  • Add statistics page
  • Stress test: add 25.000 scans simultaneously
  • Added more information about our company in the footer
  • Added support for versions:
    * mysql: 5.5.43-0ubuntu0.14.10.2, 5.5.43-0ubuntu0.14.04.2,
    5.6.19-1~exp1ubuntu2.1, 5.6.19-0ubuntu0.14.04.2,
    5.5.44-0ubuntu0.14.10.1, 5.5.44-0ubuntu0.14.04.1,
    5.5.44-0ubuntu0.12.04.1, 5.6.19-0ubuntu0.14.04.3,
    5.6.25-0ubuntu0.15.04.1
    * openssl: 1.0.1p, 1.0.2d
    * php: 5.6.11, 5.5.27, 5.4.43, 5.5.12+dfsg-2ubuntu4.6,
    5.5.9+dfsg-1ubuntu4.11, 5.3.10-1ubuntu3.19
    * apache: 2.4.16, 2.2.31
    * nginx: 1.9.3, 1.6.2-5ubuntu3.1

We hope to address your issue soonish and much love,

The PatrolServer team.