Security scan - AussieHost.com Web Hosting - Host Multiple Domains on Fast Australian Servers

alexstj · 4th August 2009, 03:41 PM

Hi all,

I have a Joomla! CMS website that has unfortunately been infected once or twice in the past by nasty phishing people. Obviously I subscribe to the security mailing list and patch the software asap, but it's often difficult to detect if you've been infected. (In fact several months ago on a previous host I'd cleaned up two infections and missed another one, which Aussiehost detected the other day after migration).

Does anyone know if there's a shell tool you can use to scan your /home directory for malicious files (i.e. in the manner of an AV scanner)? If so, does AH use such a tool and can an end user run it from shell?

Would be great if I could manually scan my directories every week or so..

Cheers

Aussie Bob · 5th August 2009, 06:41 PM

Hi

I'm not aware of any online scanning tool for your files there, other than ClamAV. There could be something available. If you'd like, drop an email to our techs at support@aussiehost.com and they can check your files or advise on a scanning alternative.

alexstj · 5th August 2009, 11:58 PM

Thanks - of course the best cure is prevention, but your servers do have ClamAV installed - which will pick up some phishing files.

At shell, using

Code:

clamscan -rv /home/yourusername/

I think should check one's area for as many phishing files as Clam is aware of.. (which is some, but not all)

Aussie Bob · 6th August 2009, 08:10 PM

Yes, ClamAV is installed and you can use that tool from your domain's cpanel.

4th August 2009, 03:41 PM	#1 (permalink)
alexstj Junior Member Join Date: May 2009 Posts: 8	Security scan Hi all, I have a Joomla! CMS website that has unfortunately been infected once or twice in the past by nasty phishing people. Obviously I subscribe to the security mailing list and patch the software asap, but it's often difficult to detect if you've been infected. (In fact several months ago on a previous host I'd cleaned up two infections and missed another one, which Aussiehost detected the other day after migration). Does anyone know if there's a shell tool you can use to scan your /home directory for malicious files (i.e. in the manner of an AV scanner)? If so, does AH use such a tool and can an end user run it from shell? Would be great if I could manually scan my directories every week or so.. Cheers

5th August 2009, 11:58 PM	#3 (permalink)
alexstj Junior Member Join Date: May 2009 Posts: 8	Thanks - of course the best cure is prevention, but your servers do have ClamAV installed - which will pick up some phishing files. At shell, using Code: clamscan -rv /home/yourusername/ I think should check one's area for as many phishing files as Clam is aware of.. (which is some, but not all)

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

5th August 2009, 06:41 PM	#2 (permalink)
Aussie Bob AussieHost.com Founder Join Date: May 2007 Posts: 770	Hi I'm not aware of any online scanning tool for your files there, other than ClamAV. There could be something available. If you'd like, drop an email to our techs at support@aussiehost.com and they can check your files or advise on a scanning alternative.

6th August 2009, 08:10 PM	#4 (permalink)
Aussie Bob AussieHost.com Founder Join Date: May 2007 Posts: 770	Yes, ClamAV is installed and you can use that tool from your domain's cpanel.