I wonder which virus scanner software is useful for Unix server(Centos 4.5). One of my client install SMF forum and when visitors access the forum,their virus scanner warn that site is affected by trojan. I used Clamav to scan entire home directory but seem nothing found.
View 4 Repliesi want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.
my server os : linux Centos 5
i have managed server. just i want sure if it is secured.
i want company to test my server, Security Scanner.
and give me report about my bugs.
My server has been hacked, I need you please to help learn about Unix server security to protect my server.
View 6 Replies View RelatedI`ve been playing with Debian and FreeBSD for couple weeks so far. As a noobie I`d like to ask you what distribution you prefer for web server? I know that it is said "the best is the one you know better" but in my situation it is hard to say that I really know either Debian or FreeBSD.
So what would you recommend in my situation (new to *unix topic) if I have to set web server for a company site?
I`m mostly interested in security, relatively easy to configure/secure/find info how-to, easy to update soft apache/php/mysql.
I see a company that support asp in linux server. i search and i found that a mod in apache server do it.
who know about this mod?
install it in my server?
I am new here. I have a leased web server and I am getting new pages called "postinfo.html" on every domain along with some javascript code (virus) attached at the end of every webpage on every domain. Does anyone know about this or how to get rid of it and prevent it? I have a sneaky suspicion that it is from a phpbb forum.
View 6 Replies View RelatedThere's supposed to be a virus on one of my server (called "cdpuvbhfzz"). Anyone has any idea on how to remove it? What software to install, what do do next. Also, is transferring an infected account on a different machine is also transferring a virus?
I am on CentOS 5, using cPanel.
Alright guys - my server the past two weeks is just freaking ridiculous. It's a Core2Quad Q9300 2.5ghz server with 8gb of ram. It should be fast as hell. I can't move 20 e-mails in my mail client without the server grinding to a complete halt and httpd and mysql going unresponsive. Right now I'm just trying to copy a damned screen shot of the task manager performance tab and it's taking about 3 minutes to paste it - even though the CPU utilization is averaging only 20% at the moment and memory is only 2.5gb.
I restarted WAMP and now it seems to be running smoother. My Outpost firewall, though, didn't show too many connections to the server that it was maxing out.
Here's my ping responses just now while I was typing this - I was watching the firewall connections and I was only having like 60 connections to httpd, 20 connections to mysql, 5-10 to my SmarterTools mail server, and then my remote desktop connection. My network utilization got up to a whole 5% - so it's not that I have too many connections or something. Here's the ping responses:
C:Documents and SettingsBrian>ping mifbody.com -n 99
Pinging mifbody.com [216.245.195.146] with 32 bytes of data:
Reply from 216.245.195.146: bytes=32 time=70ms TTL=115
Reply from 216.245.195.146: bytes=32 time=73ms TTL=115
Reply from 216.245.195.146: bytes=32 time=81ms TTL=115
Reply from 216.245.195.146: bytes=32 time=78ms TTL=115
Reply from 216.245.195.146: bytes=32 time=71ms TTL=115 ....
I have ClamWin on the server and it says the following after a 7 hour scan. I notice there is an option to remove files but not sure if i should.
C:WINDOWSjavaclassesjavavm.exe: Worm.Mytob.FN FOUND
C:WINDOWSsystem32TskMan.exe: Trojan.Servu.1 FOUND
C:WINDOWSsystem32wmc.exe: Trojan.RAdmin-2 FOUND
I have also ran the Microsoft Windows Malicious Software which says it has removed them, restart, and they are back.
I want to set up a dedicated server for spam and virus filtering (MX)
But i was wondering, is there a good opensource based tool for this?
We have a Windows Server 2003 dedicated, and use the Windows POP3 Service for emails, is there anything that can be plugged in to provide serverside spam/virus protection?
View 0 Replies View RelatedCSF install the new version, I warned that the option Check for cxs. I had a few questions!
1 - is it free? And can be installed and will work?
2 - I like these things are additional to the installation?
3 - a bit about this new possibility to explain how to solve the case to get out of the red.
Does anyone know any open source tools that will scan cgi programs for exploits? Specifically for exploitable formmail scripts.
View 0 Replies View RelatedWhat type of free email scanner gateway that you are using? I am using SA, Clam and Qmail. It's a little old and w/o the GUI for client to manage the settings.
I'm thinking to switch to something with GUI. Perhaps the combination of Exim, SA, Clam, MAilScanner and a GUI.
While reading a lot of posts and blogs about hosting, I just wanted to ask if someone has an idea on how to find files with illegal content.
I just tried a few bash scripts, but if there are a few thousand files, most of them stop working or produce server loads that stop the whole server.
Is there any software already out there or any script to scan the content on server for phrases?
I would like to know how resource intensive is ClamAV Scanner. Should I allow it or not to my VPS clients/resellers?
Can I set it to use it as root? How?
Anobody knows appropriate rules to block Acunetix scanner to crawl my sites?
View 8 Replies View RelatedAre there any vulnerability scanners that search the local file system for vulnerable apps?
I don't need an external scanner. I want to scan all my users home dirs for bad apps - old coppermines, phpbb, etc.
I've not been able to find anything like this.
Anyone use this poorly coded thing?
Goolag Scanner coded by CULT OF THE DEAD COW/cDc communications
Ive been using it for a bit, but i don't have any vulns on most of my box's.
Anyone else find this thing effective?
Ive passed it onto a few clients, seem to entertain them doing there own basic google powered security scans.
Here is a quick download; Goolag_Scanner_1.0.0.40_Setup.exe
Ive pulled a few results on other large sites, some interesting data thats spread out on google, strange how the crawlers get into it?
1.2 Software
To understand Goolag Scanner, it is important to understand how "dorks"
work (see 1.4) and with that, to establish the use of dorks as an
acceptable tool for information security experts, penetration testers,
and practical paranoids.
1.4 Terms And Abbreviations
* Dork = A detailed search pattern - heretofore used with Google's
search engine - that uses Google to show untapped results for web
sites previously indexed by Google.
The intention of a dork is to find results that might show
information relevant to security issues and/or confidential data.
From our point of view, dorks are not limited to Google. Frankly,
they are malicious patterns that apply to most search engines.
* gS = Goolag Scanner
* cDc = CULT OF THE DEAD COW/cDc communications
i installed the latest version of the mail scanner on my linux server. It has been tested to be scanning and running properly. But one thing that is unusual is that the emails that is being processed by the mailscanner does not get tagged as its being processed by it. Hence i do not really know whether it has been processed.
When i check the email full headers, i am missing information like spam score, spam information and spam status. I did a check in the mailscanner.conf and the configuration was done correctly.
how can we set these information to show on the email header that it has been processed.
I am trying to find out how to install VPS on HP Unix OS and which one to chose.
Can you set me on right track?
Any Unix FTP tool to get all files (files+subdirectories) from remote server with 1 line command?i'm using FreeBSD
View 1 Replies View RelatedIve recently switched from PC to OSX, i now own '2' Macs, a laptop and a G4 Quicksilver, although its CPU speed is slower and the Ram is lesser then my old PC, it performs much much quicker and more efficient.
The question is, i'm a web developer, i know very little about the back end goings on, such as System Administration, but i've got a few books on the subject which are aimed at Unix system administrators. Does UNIX cover both OSX and Linux (Debian mainly).
Eventually i want to be able to run my own server, i own a debian dedicated server, but its not my own, its the datacenter's and i dont really know enough to get down and dirty in the back end. Id like to be able to set up servers from scratch in the long run.
So would learning UNIX cover both OSX and Linux, im not bothered about Windows, i don't plant to use a Windows machine again.
is there any performance difference using php on unix and (isapi)windows platform?
View 13 Replies View RelatedI'd like to know that is Linux virus free server or not?
Is there any possibility to run a virus on linux server while uploading files (virus affected) from local system to server end by ftp client?
Beside Parallels Virtuozzo, what other commercial VPS Panel do you prefer to use on Linux/Unix?
View 7 Replies View RelatedI thought this was interesting.
AT&T Shared Unix Hosting
Anyone have any experience w/ this?
Is there a way where i can view which IP connected to my server the most? I need to find out if there is certain IP keep hitting my mail server until it crashed.
Preferably the software could sort out the highest hit IP then to the lowest.
which hosting is better - Windows, Unix or Linux?
View 9 Replies View RelatedI'm a Unix newbie so please forgive me if this is a really dumb question but I haven't quite been able to figure it out...
I'm trying to set up a form script to replace formmail on the server. I've set it up in the cgi-sys bin. I chmod the script 755, but when I try to call it I get 500 error messages.
I was looking at the permissions and I noticed that all the other scripts have the "wheel" setting.. such as:
197633 -rwxr-xr-x 4 root wheel 3479620 Dec 22 03:04 _formmail.cgi*
The new form I added as "root" instead of "wheel":
1280150 -rwxr-xr-x 1 root root 12342 Mar 1 21:46 mycontactform.pl*
How do I change it so that "mycontactform.pl" is in the "wheel" group so that it works? Anything else I should know/do to make this secure? I don't know enough about the permissions to change this. I want all the customers on the server to be able to use the new form.