Een scanner die op CENTOS (Linux) actief scanned op hacks (exploits) en virussen. De Firewall software blokkeerd de meeste aanvallen op onze servers.
Let op: Heeft u een wordpress website dan dient u deze ook te voorzien van een eigen Plugin Firewall scanner, begrijpt u di niet en wilt u dat wij dit voor uw doen dan kan dat in een onderhoudscontract voor wordpress. Neem contact op met ons voor meer informatie
Engelse informatie over de scanner:
Active scanning is performed on all text files uploaded through:
•PHP upload scripts (via a mod_security or suhosin hook)
•Perl upload scripts (via a mod_security hook)
•CGI upload scripts (via a mod_security hook)
•Any other script type that utilizes the HTML form ENCTYPE multipart/form-data (via a mod_security hook)
•Pure-ftpd
The active scanning of uploaded files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. This includes recent exploits such as the Dark Mailer spamming script and the Gumblar Virus.
cxs also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). It has been tuned for performance and scalability.
Exploit detection includes:
•Over 4500 known exploit scripts fingerprint matching
•Known viruses via ClamAV
•Regular expression pattern matching to help identify unknown exploits
•Filename matching
•Suspicious file names
•Suspicious file types
•Binary exeuctables
•... and more!
Included with the cxs Command Line Interface (CLI) is a web-based User Interface (UI) to help:
•Run scans
•Schedule and Edit scans via CRON
•Compose CLI scan commands
•View, Delete and Restore files from Quarantine
•View documentation
•Set and Edit default values for scans
•Edit commonly used cxs files
Note: cxs is not a rootkit scanner, though it can help detect rootkits uploaded to user accounts.
Lees meer: ConfigServer eXploit Scanner (cxs)
Sunday, January 11, 2015
