Atomic Secured Linux

Atomic Secured Linux(tm) is an out-of-the-box Unified Security

Suite for Linux(tm) systems designed to protect your servers
against both known and unknown threats. It is distributed
through a subscription yum channel ensuring that ASL is always
kept up to date. Unlike other security solultions, ASL works by
combining security at all layers, from the Kernel all the way up
to the application layer to provide the most complete protection
available for Linux servers and helps to ensure that your system
is complaint with commercial and government security
standards. ASL includes the most harderned kernel on the
market, automated system hardening techniques, userspace and
host Intrusion Prevention Systems (IPS), malware/rootkit
detection and elimination, blacklisting technologies and web
application firewalling to protect multiuser and web application
hosting environments like no other solution. ASL is uniquely
effective at addressing emerging threats posed by vulnerabilities
in todays complex systems and applications, such as web hosting
environments, multiuser systems, CRM's, ERPs, forums,
shopping carts, Content Management systems and custom
applications.

The design of ASL approaches securing the server and its applications, by combining different layers
of security technologies and application layer firewalls to filter out malicious content before it
reaches the application. Our hardened kernel subsystems further enhance the overall security model
by enforcing file, network and process level security policies on the system.

The ASL approach also includes our "Just In Time Patching" system, which allows you to address
security threats posed by applications where either it is not possible to fix the application due to lack
of source code, availability of resources, or the number of applications that make repairing all
vulnerabilities economically unfeasible. You can known that your systems are protected, even when
you can't patch them.

ASL Screenshots

Immediate Results

Atomic Secured Linux provides an immediate solution for the following challenges:

• Data Theft
• Site Defacement and comment spam
• Web Application Vulnerabilities
• Regulatory Compliance
• Rootkits and Malware
Dependability

ASL is in its third year and is a mature, reliable product brought to you by founders of Plesk, so you
know it will work with your server the way you want to use it! When you use ASL, you are not only
using the software but the collected experience of our team of security and systems experts. And we
aren't new comers to Linux, our Founders have been building Linux based systems before the 1.0
kernel came way out back in the mid 90s. We know and love Linux, and when you use ASL you get
that same attention to detail we not give only our customers, but our own systems! We use every
feature in ASL on every Linux system we use. You can depend on ASL, because we depend on it
too.

Selected Features

• Automatically hardens Linux servers based on security policies, and ships with a world class
set of policies developed by our security experts.

• Host Intrusion Prevention System, with built in rootkit detection and prevent

• Kernel Intrusion Prevent System, prevents insertion of modules into kernel, protects against
memory attacks and other methods rootkits use to take over your system.

• Web based GUI management, and built to work with web with control panels such as Plesk
Server Administrator (PSA). (CPanel version coming soon!)

• Works with virtual and real servers.

• "Just in Time" Virtual Patching for web applications. Helps to protect vulnerable applications
that can not be patched immediately.

• Automated secure log management with secure remote logging.

• Automated file upload scanning protection, realtime prevention of malicious file uploads such
as rootkits, viruses, worms, shells, spambots and more!. Scans all Web, FTP and SSH based
file uploads. Files can be quarantined for further investigation, or can be automatically deleted
before they are ever uploaded to the system!

• Real-time e-mail notifications of attacks and system emergencies.

• Automatically disables unsafe functions in web technologies such as PHP to help prevent
entire classes of vulnerabilities.

• Built in vulnerability and compliance scanner and remediation system to ensure that your
system is operating in a safe, secure and compliant manner.
• Application layer firewalling through mod_security, and the industry leading rules created by
our Information Assurance lab gotroot.com and optimized for Cpanel and Plesk Server
Administrator environments. A must for PCI-DSS compliance!

• Protects against cross site scripting, SQL injection, remote code inclusion, directory recursion
and many many other web based attacks.

• Realtime malware/virus/trojan protection from web, mail, file and local based attacks.

• Web comment/blog/referrer spam protection.

• Prometheus Group's malware, antivirus and rootkit signatures.

• Real time web content redaction system, which helps protect a system from accidentally
serving up malware and can be used to help prevent data leakage of information, such as
credit cards, SSNs or other sensitive customer data.

• Domain based control over antispam and antimalware features.

• The Most powerful stack and heap overflow protection available for Linux, using the PaX
project stack protection enhancement for the Linux kernel. Protects your Linux server against
stack and heap based overflow exploits in services on the system, such as apache, mysql,
postgres, bind, secure shell and others. Also provides for high end randomization of the
kernel, stack, library, and heap bases. More powerful than the execshield and randomization
protection found in normal Linux kernels.
• An intelligent and highly secure robust Role-Based Access Control (RBAC) system that can
generate least privilege policies for your entire system with no configuration, from the
Grsecurity project.

• Specially hardened chroot capabilities, and protection against exploitable null-pointer

dereference bugs in the kernel, and other enhancements from the Grsecurity project.

• Trusted Path Execution, which restricts untrusted users such as apache to execute commands
only owned by root, thus simply preventing a whole class of exploit techniques used by
attackers, or internet worms. This can also be used to prevent your users from uploading
dangerous software to your servers!
• Users are restricted to only view their processes.

• Realtime Blacklists of spammers, malware and attackers.

• Realtime shunning and blocking of attack sources and user control over automatic
"deshunning" time lines.
• Denial of Service protection through mod_evasive.
Supported Platforms

Red Hat Enterprise Linux 4 and 5

CentOS 4 and 5

Fedora Core 4, 5, 6, 7 and 8

ASL GUI Supported Browsers

Internet Explorer 6 and 7

Opera

Firefox

SeaMonkey

Safari

Screenshots

Pricing

Subscriptions to the Atomic Secured Linux channel are available for 128$ per year, for each server
using the product. Bulk discounts, and reseller agreements are also available, for more information
contact sales@progllc.com .

Support
Subscribed customers are entitled to email based support for as long as their subscription is valid, at
support@progllc.com . ASL customers are also discounted 20% on professional services for
support on issues outside of ASL, including custom application integration, clustering, forensics.
Emergency services are also available on short notice. When requesting emergency services, please
include in the subject line of your message 'Emergency Services Request'.

ASL Installation Documentation / Source code

Red Hat Enterprise Linux 4-5, CentOS 4-5, Fedora Core 4-8 installation shortcut:

SSL Install:

wget -q -O - https://www.atomicorp.com/installers/asl |sh

Non-SSL install:

wget -q -O - http://www.atomicorp.com/installers/asl |sh