Server Security Help

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Tipsy
    Confirmed User
    • Jul 2001
    • 6989

    #1

    Server Security Help

    A quick question:

    One of our servers has been used for spamming. We're almost certain it's via an exploit in a script such as an unsecure form etc. We're currently wading through logs to track it down (mod_security isn't stopping it) but in the meantime does anyone know of a decent scanner that will check a server for known vulerabilities like that?

    Most I can find are program specific such as something that looks for unsecure phpbb's. Are there any programs that check for a broad range of possible exploits?
    Ignorance is never bliss.
  • IceMaster
    Confirmed User
    • Jan 2005
    • 8920

    #2
    chkrootkit --> http://www.chkrootkit.org/

    Comment

    • Tipsy
      Confirmed User
      • Jul 2001
      • 6989

      #3
      Thanks but no help. It's thankfully not rootkit related (run both the rootkit checkers) and as I say pretty certainly a script which will eventually be tracked down via the logs (I hope).

      It'd be nice to have something to scan for stuff like this though. Given the amount of exploits in the 1000's of script out there you'd have thought someone would have a nice little script that looks for them
      Ignorance is never bliss.

      Comment

      • BigBen
        Confirmed User
        • Nov 2004
        • 2299

        #4
        http://www.nessus.org/

        Comment

        • chaze
          Confirmed User
          • Aug 2002
          • 9774

          #5
          Originally posted by IceMaster
          this is the industry standard right now.
          Like the desert needs the rain
          We do fully manged WordPress, VPS, and Servers. Adult Host Pro https://adulthostpro.com/ Since 2001

          Comment

          • Tipsy
            Confirmed User
            • Jul 2001
            • 6989

            #6
            Originally posted by BigBen
            Thanks - shame their latest release doesn't seem to support bsd 4.9 though Only 5+.

            I may give it a go anyway and just copy across any missing bsd5 binaries see if I can get it running.
            Ignorance is never bliss.

            Comment

            Working...