to install secuity patches for each VPS hosted on single host or appling it to host running multiple VPS is enough.
Does same applies to firewall related software..Use it for individual VPS on single host?
Is it advisable to have someone scan your server setup, ie the firewall? If so, what is used to scan the firewall?
View 13 Replies View RelatedI'm wondering if anything like directadmin, whm, etc can automate security updates to apache, mysql, php etc?
View 3 Replies View RelatedWe have a client claming that she gets a Trojan warming when she trys to access her website but using the Trojan scan in cpanel doesn't show anything.
What can we use to scan for Trojan?
What is a rootkit? The following link is a very good read to answer that question.
http://linux.oreillynet.com/pub/a/li...4/rootkit.html
In Summary, a rootkit is a trojan installed on your Linux server after someone has broken into it. These files are used to cover the hackers tracks, and to give the hacker tools to do more dirty work from your server.
Usage:
1. su - (change to root user)
2. mkdir /usr/local/chkrootkit
3. wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
4. tar -xvzf chkrootkit.tar.gz
5. cd chkrootkit*
6. cp * /usr/local/chkrootkit
7. cd /usr/local/chkrootkit
8. make sense
Now scan your system:
1. cd /usr/local/chkrootkit
2. ./chkrootkit
chkrootkit may from time to time give false positives. If you ever get a positive or "infected hit" scan a second time. If you do get a positive hit, google the hit to research the issue and steps to correct.
Part 2 - automated chkrootkit, and emailed results.
I'm lazy, and like my server to do the work for me so I have it scan every day, and email me the results.
Usage:
1. vi /etc/cron.daily/chkrootkit
2. add the following code.
Code:
#!/bin/bash
(cd /usr/local/chkrootkit; ./chkrootkit -q 2>&1 | mail -s "Daily chkrootkt scan" you@yourdomain.com)
3. chmod 0755 /etc/cron.daily/chkrootkit
This will email you@yourdomain.com every morning with your chkrootkit results. the -q option will only show you exploits.
Removal:
If you don't like getting the emails or just want to remove this from your server:
1. rm /etc/cron.daily/chkrootkit
2. rm -rf /usr/local/chkrootkit
All files will now be deleted from your server.
Is this possible we can scan virus on the account on server?
View 1 Replies View Relatedhow to correct it?
Code:
---------------------- Start Rootkit Hunter Scan ----------------------
Warning: Checking for prerequisites [ Warning ]
The file of stored file properties (rkhunter.dat) does not exist, and so must be created. To do this type in 'rkhunter --propupd'.
Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
is used, all the files on their system are known to be genuine, and installed from a
reliable source. The rkhunter '--check' option will compare the current file properties
against previously stored values, and report if any values differ. However, rkhunter
cannot determine what has caused the change, that is for the user to do.
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter/rkhunter.log)
What's the best way to do a daily check for xss scripts injected into php and html files on a linux box?
I am referring to stuff like framer.z
[url]
which essentially has a telltail signature of
<script>eval(unescape("%77%69...
Is there anything for linux that keeps up with those kinds of script signatures?
I doubt CSF or Clam looks for that kind of stuff, right?
i have server and i want to do shell scan and delete the shell
View 4 Replies View RelatedI am not much familiar with windows server scan. How can I do full scan on the server? I want to make sure that server is secure.
View 3 Replies View RelatedAny body knows of free server security scan for my dedicated?
View 4 Replies View Related[url]
[url]
One of my users posted this in the forum saying my server is scanning his computer. His this serious? Do I have virus? Should i be worried? Well i am kinda worried. I tried googling it, but i can't seem to figure the right keywords for a good result.
So I have a client using Wordpress 3.6, so the scan does little good.
I update the Wordpress to 4.1.1 and do the Scan again. Plesk cannot find the updated install of WP still?
has anyone successfully updated from bind9.2.x to BIND 9.5.0-P1? Were there any problems regarding settings, zone files, etc etc? Can you explain the process in detail for the update? One of my customers wishing to have this done, is running CentOS, I assume yum would be the best course of actions?
View 14 Replies View RelatedAn important cPanel update was released a short while ago - [url]
Please be sure to upgrade.
When you are hosting websites/game servers and then updates on your server pops up. What do you do? Restart the server and kick everyone off the server for 10min? Or leave it?
Whats the best course of action?
Lately we have been receiving a lot of complaints from our users who do not wish to update their scripts. I have been telling those users that they have to keep their scripts up to date if they want to avoid having that script exploited or used to send spam or other malicious intentions. The ramifications of a single user on a server not keeping their script up to date affects all of the users on the server.
I am just wondering how other hosting providers handle this. When a client threatens to leave because you don't allow them to run an outdated script, what actions do you take to try and keep the client?
I have a Windows VPS account with a well-known hosting company. According to their knowledgebase, they "apply Microsoft security updates directly from the hardware node. For this reason, they are not able to be applied from within your VPS."
I discovered this after attempting to apply a Service Pack on my VPS, which messed up my VPS. Now that I've learned this the hard way, here's my question: Is this true with other Windows VPS hosting companies too?
While I understand that I'm responsible for what I update on my VPS, I'm frustrated that the hosting company doesn't take more steps to prevent this from happening...
cPanel has released a very important update a short while ago. I don't normally post when updates are released, but this is one that should not be missed. More information can be found here:
[url]
and here:
[url](not sure when this will be updated).
Stay safe.
edit: the *second* I posted this, I found out there will be another tomorrow. Keep your eyes on layer1.cpanel.net.
I've been trying to get any reviews on ahosting.biz services here on the forum, but the last thread where the poster was complaining about the limits of emails sent from their reseller accounts failed to find anything. Any updates?
View 10 Replies View RelatedI have been with primaryvps since May and in last two months I was very busy... and then came back from vacation, it was working fine for a few days... indeed, I could access my server as late as last night. But then my server is down today, with empty page at primaryvps.com and there's nothing else.
So I got nervous and came here to check... and I realized that a lot of people had troubles with them, perhaps more than I did, but then are they really going out of business? As a customer I received no warning of any kind, though.
Any certain info on their current status would be appreciated. I wrote them (support and victor's email) but didn't get responses... In the past they replied very fast, so there's something strange going on for sure...
I'm running Plesk 9.2.2 & using the supplied AWStats install. Where will I find the configuration that dictates when AWStats will be updated? It's currently updating at 3.36am daily, & I'd like to set it to hourly. Can't find anything in the root or psaadm crontabs & not sure where else to look.
View 5 Replies View Relatedthis only shows up in Centos 5, it seems.
You do the good ole "yum update"
and...something very bad happens:
Loading "installonlyn" plugin
>> Loading "rhnplugin" plugin
>>
>>
>> Could not find any working storages.
Ok..this is one of the times google fails me..I guess because this is a fairly new problem.
If you are lucky:
Visit the rpm repo of your choice..manually download:
python-sqlite*
and
sqlite*
and force a re-install:
rpm -ivh python-sqlite* --force
rpm -ivh sqlite* --force
Sadly..I did find that..and it was tried..and did not work for me.
The fix? Ohhh...you gonna love this:
I completely removed python and everything that depends on it.
Drastic? Oh yeah. But after wasting two days with fixes that did not help...I figured this was the only way. Drastic measures were called for.
It was. It worked. You put everything back..and it is fine.
Oh..I noticed yum.3.2.1is available..and decided to give that a shot as well. It is fine.
Certainly not as much fun as the time I decided to attempt a upgrade of glib2 on a vps..but close.
Basically I do all my updating now. I have a VPS with...*GASP*...godaddy and their policy is you do all the updating to your server yourself. They will not help you in any way unless you pay their "extra special services team" 80 bucks an hour.
Now, I'm not that much of a server genius, I can find my way around and do certain updates. I'm just tired of doing it and also have a huge fear that I'll screw something up.
Is there a company that will do a full switchover from godaddy to their service, does all the updates and installs programs for a small fee for you? I also need one that is comparable in price. I'm paying 52 bucks a month now.