Release Notes: More flexible time stamping was implemented and some logging enhancements were made. The shell now responds to cd, pwd, uname (-avsm), id, and wget, and a number of bugfixes were made.
Release Notes: Capture logs now include the source address and port of the attacker. Log entries can now be either on a single line, syslog style and suitable for machine parsing, or old style multi-line. HTTP functions are completely rewritten, achieving RFC 2616 compliance whenever possible. Other features include subroutines for errors 400, 414, and 501, correctly built HTTP return headers for several MIME types, a new "chameleon" mode which will change responses (if turned on) to emulate an IIS server when an attacker requests certain types of resources, regardless of the primary setting, and many other small tweaks and fixes.
Release Notes: Adjusted xinetd.d file port numbers and removed o-x from the config files. GOODNET and GOODSVCS were added to the INPUT chain, along with a section in iptables.rules to allow a multi-homed system to trust either an entire interface or a network. A test was added to bomb out if someone accidentaly ran iptables.rules directly. Escapes and array references were fixed in ftp(), as they were causing some versions of Perl to complain.