LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   CentOS 5.3 AV and malware problems (https://www.linuxquestions.org/questions/linux-newbie-8/centos-5-3-av-and-malware-problems-736692/)

britchaz 06-30-2009 10:02 AM

CentOS 5.3 AV and malware problems
 
Hi guys,

I'm using CentOS 5.3 server with no server GUI and I am looking for a free AV. We have a YouTube-like application on our server called ClipHouse and I think there is a video that embedded malware into that part of the server. I've found the malware in a few index.php files. What do you think I should do?

mark_alfred 06-30-2009 11:43 AM

Try clamav. The command, once it's installed, is "clamscan". Various options are available too, for instance,

"clamscan --detect-pua --detect-broken -r"

Here, you'll be detecting possibly unwanted applications, along with broken applications, and running it recursively. You can create a log file as well, with the option "-l" followed by a specified file: "-l /home/user/clamscanresult". More information on options is on it's manpage.

farslayer 06-30-2009 01:12 PM

I doubt the malware was inserted from a video file, there are certainly enough other methods to alter php files remotely.

I think you should check to ensure your Cliphouse software is up to date, and the latest version.

Contact DZOIC and find out if there are any known vulnerabilities in their code that would allow your site to be compromised.

Check the install directions for Cliphouse that outline the configuration of your server, and ensure you have all the setting done properly in your PHP, Apache, and MySQL configs.

If you have any other PHP code on your website, ensure that it too is up to date and secure..


All times are GMT -5. The time now is 06:38 AM.