I wonder which virus scanner software is useful for a Unix server (CentOS 4.5). One of my clients installed an SMF forum, and when visitors access the forum, their virus scanner warns that the site is affected by a trojan. I used ClamAV to scan the entire home directory, but it seems nothing was found.
I've been playing with Debian and FreeBSD for a couple of weeks so far. As a noobie I'd like to ask you what distribution you prefer for a web server? I know that it is said "the best is the one you know better" but in my situation it is hard to say that I really know either Debian or FreeBSD.
So what would you recommend in my situation (new to *unix topic) if I have to set up a web server for a company site?
I'm mostly interested in security, relatively easy to configure/secure/find how-to info, easy to update software (Apache/PHP/MySQL).
I am new here. I have a leased web server and I am getting new pages called "postinfo.html" on every domain, along with some JavaScript code (virus) attached at the end of every webpage on every domain. Does anyone know about this or how to get rid of it and prevent it? I have a sneaking suspicion that it is from a phpBB forum.
There's supposed to be a virus on one of my servers (called "cdpuvbhfzz"). Does anyone have any idea how to remove it? What software to install, what to do next? Also, does transferring an infected account to a different machine also transfer the virus?
Alright guys - my server the past two weeks is just freaking ridiculous. It's a Core2Quad Q9300 2.5GHz server with 8GB of RAM. It should be fast as hell. I can't move 20 e-mails in my mail client without the server grinding to a complete halt and httpd and mysql going unresponsive. Right now I'm just trying to copy a damned screenshot of the task manager performance tab and it's taking about 3 minutes to paste it - even though the CPU utilization is averaging only 20% at the moment and memory is only 2.5GB.
I restarted WAMP and now it seems to be running smoother. My Outpost firewall, though, didn't show too many connections to the server that it was maxing out.
Here are my ping responses just now while I was typing this - I was watching the firewall connections and I was only having like 60 connections to httpd, 20 connections to mysql, 5-10 to my SmarterTools mail server, and then my remote desktop connection. My network utilization got up to a whole 5% - so it's not that I have too many connections or something. Here are the ping responses:
C:\Documents and Settings\Brian>ping mifbody.com -n 99
Pinging mifbody.com [216.245.195.146] with 32 bytes of data:
Reply from 216.245.195.146: bytes=32 time=70ms TTL=115
Reply from 216.245.195.146: bytes=32 time=73ms TTL=115
Reply from 216.245.195.146: bytes=32 time=81ms TTL=115
Reply from 216.245.195.146: bytes=32 time=78ms TTL=115
Reply from 216.245.195.146: bytes=32 time=71ms TTL=115
....
We have a Windows Server 2003 dedicated, and use the Windows POP3 Service for emails. Is there anything that can be plugged in to provide server-side spam/virus protection?
What type of free email scanner gateway are you using? I am using SA, Clam and Qmail. It's a little old and w/o a GUI for the client to manage the settings.
I'm thinking of switching to something with a GUI. Perhaps the combination of Exim, SA, Clam, MailScanner and a GUI.
Goolag Scanner coded by CULT OF THE DEAD COW/cDc communications
I've been using it for a bit, but I don't have any vulns on most of my boxes.
Anyone else find this thing effective?
I've passed it on to a few clients; it seems to entertain them, doing their own basic Google-powered security scans.
Here is a quick download: Goolag_Scanner_1.0.0.40_Setup.exe
I've pulled a few results on other large sites, some interesting data that's spread out on Google, strange how the crawlers get into it?
1.2 Software
To understand Goolag Scanner, it is important to understand how "dorks" work (see 1.4) and with that, to establish the use of dorks as an acceptable tool for information security experts, penetration testers, and practical paranoids.
1.4 Terms And Abbreviations
* Dork = A detailed search pattern - heretofore used with Google's search engine - that uses Google to show untapped results for web sites previously indexed by Google.
The intention of a dork is to find results that might show information relevant to security issues and/or confidential data.
From our point of view, dorks are not limited to Google. Frankly, they are malicious patterns that apply to most search engines.
I installed the latest version of MailScanner on my Linux server. It has been tested to be scanning and running properly. But one thing that is unusual is that the emails that are being processed by MailScanner do not get tagged as being processed by it. Hence I do not really know whether they have been processed.
When I check the full email headers, I am missing information like spam score, spam information and spam status. I did a check in the mailscanner.conf and the configuration was done correctly.
How can we set this information to show in the email header that it has been processed?
I've recently switched from PC to OSX. I now own '2' Macs, a laptop and a G4 Quicksilver; although its CPU speed is slower and the RAM is less than my old PC, it performs much, much quicker and more efficiently.
The question is, I'm a web developer, I know very little about the back end goings on, such as System Administration, but I've got a few books on the subject which are aimed at Unix system administrators. Does UNIX cover both OSX and Linux (Debian mainly)?
Eventually I want to be able to run my own server. I own a Debian dedicated server, but it's not my own, it's the datacenter's, and I don't really know enough to get down and dirty in the back end. I'd like to be able to set up servers from scratch in the long run.
So would learning UNIX cover both OSX and Linux? I'm not bothered about Windows, I don't plan to use a Windows machine again.
Is there a way I can view which IP connected to my server the most? I need to find out if there is a certain IP that kept hitting my mail server until it crashed.
Preferably the software could sort from the highest-hit IP to the lowest.
I'm a Unix newbie so please forgive me if this is a really dumb question but I haven't quite been able to figure it out...
I'm trying to set up a form script to replace formmail on the server. I've set it up in the cgi-sys bin. I chmod the script 755, but when I try to call it I get 500 error messages.
I was looking at the permissions and I noticed that all the other scripts have the "wheel" setting.. such as:
197633 -rwxr-xr-x 4 root wheel 3479620 Dec 22 03:04 _formmail.cgi*
The new form I added as "root" instead of "wheel":
1280150 -rwxr-xr-x 1 root root 12342 Mar 1 21:46 mycontactform.pl*
How do I change it so that "mycontactform.pl" is in the "wheel" group so that it works? Anything else I should know/do to make this secure? I don't know enough about the permissions to change this. I want all the customers on the server to be able to use the new form.