Integrate Linux Malware Detection

zEitEr said:
Right you are, I've missed that part of the script. Anyway just to be sure did you ran maldet with -a? Your arguments seem to be correct, but what if -a has a greater impact. Or you could give me an example of malware which maldet missed in your case. Please do not post here any code, just a link if possible.
Click to expand...
I have one left for sure that I kept for a test, and maybe I can rustle up some more. I'll PM them to you in encrypted form. Saving them is not the first thing on your mind when you are trying to get a site off Google's blacklist.
 
It doesn't look like I can do attachments anymore in PM. Now what? I don't want to post it on this forum.

EDIT: I e-mailed them to you in an encrypted zip to the address you PMed me. I also PMed you the unlock key for the zip encryption. It's tough to work with viruses and not lose them. I'm working in Windows 8, and Windows Defender nails them even when I turn off real-time. I lost one strain, sorry to say. It didn't end up in quarantine, so it must have cleaned it, which I have no control over. (I like Windows 7 better. After a year working with 8, I still don't like it as well as 7.)
 
Last edited:
When saying about malware code on pages of your site, do you mean the existing files on your HDDs? Or not?
 
zEitEr said:
When saying about malware code on pages of your site, do you mean the existing files on your HDDs? Or not?
Click to expand...
The sites had the pages on them that I put in the zip. I removed most of them to my PC's hard drive so I could put them back if I had problems with the restored pages. My Windows 8 Defender found them and quarantined them. Even with real-time turned off, it did a scan while I was working on it, told me it found malware, but I don't see them in the quarantine. (Yes, it does archives) I'm fairly certain that they made it to the zip with the malware still in them and encrypted, and certain that at least one did. You have the zip and encryption key. Good luck with them!

Thanks!
 
Last edited:
I have followed all the MalDet instructions, but I get no email messages. I set the email setting from 0 to 1 but I still get nothing.

I cut an pasted the original post from this thread, and rebooted. Still no reports.

CentOs, DirectAdmin 2.x.

There' nothing in the Exim regular or Exim Reject log.

Any suggestions would be appreciated. DA 2.x. Centos 5.5. Very low load.

Any suggestions would be appreciated.

Thanks,
-Joe


PS Anyone know how to do a ClamAV over the same data or would that just be a waste of resources. ClamAV has been very poor lately and is only catching about 64% of infected. Avira is the best, but it slows down the server to a halt in a day or two.

Thanks,
-Joe
 
You must log in or register to reply here.
Back
Top