Server protection from paypal cgi scripts
- Thread starter darles
- Start date
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Sounds like a great do-it-yourself project 
.
How about first doing a grep of the entire /home/ file system to a file (don't forget to make the grep case insensitive) for paypal.com. Then read the output (it may take a while if a lot of your customers use PayPal). Save the output.
Every night in cron.daily run a script to do the same thing, and then to diff that against the baseline file you saved. Then email yourself the output of the diff which will show any new references to paypal.com.
If any legitimate references are added, be sure to add them to your baseline.
Jeff
.How about first doing a grep of the entire /home/ file system to a file (don't forget to make the grep case insensitive) for paypal.com. Then read the output (it may take a while if a lot of your customers use PayPal). Save the output.
Every night in cron.daily run a script to do the same thing, and then to diff that against the baseline file you saved. Then email yourself the output of the diff which will show any new references to paypal.com.
If any legitimate references are added, be sure to add them to your baseline.
Jeff