Results 1 to 12 of 12
  1. #1
    Join Date
    Aug 2013
    Posts
    43

    CXS or linux-malware-detect (LMD) ?

    hi there, just wondering which one you would choose? Configserver (CXS) or linux-malware-detect (LMD) ?

    It is for a shared hosting environment with quite a lot of accounts on it.

  2. #2
    Join Date
    Oct 2012
    Location
    Europe and USA
    Posts
    922
    LMD does not provide real time protection and it does not monitor web or FTP uploads. It runs only once per day from a cron job, this gives enough time to anyone to upload malware and run it.

    CXS continuously scans all uploads and instantly deletes any malware detected. Also it can (optionally) ban the IP address of the uploader. So, it is worth the $50 one time fee, it provides better protection.
    Network Panda :: Web Hosting SSD Powered :: Reseller Hosting
    Instant activation, fast servers, SSD disks, cPanel, Softaculous 1-click apps installer, daily backups, SSL certificates
    Multiple hosting locations: USA, Canada, France, UK, Germany, Italy, Spain, Poland, Finland

  3. #3
    Join Date
    May 2013
    Location
    India
    Posts
    748
    Yes, a real time scanner is recommended for shared servers with too many accounts. It is paid though ( one time ). Still Maldet is good piece of code that can work efficiently to scan files for malwares. So you may set it as well to do a periodic scan; it will be a worth ( its a free tool )

  4. #4
    Join Date
    Feb 2011
    Posts
    129
    Use both It would be your best option.

  5. #5
    Join Date
    May 2007
    Location
    Bhopal - India
    Posts
    331
    Quote Originally Posted by NetworkPanda View Post
    LMD does not provide real time protection and it does not monitor web or FTP uploads. It runs only once per day from a cron job, this gives enough time to anyone to upload malware and run it.
    You probably haven't explored it fully. CXS and LMD both provides real time protection using kernel inotify as well as Mod_Security and Ftp hooks.
    LoopByte
    India Based Dedicated Servers, VPS & Hosting Services

  6. #6
    Join Date
    Oct 2012
    Location
    Europe and USA
    Posts
    922
    Quote Originally Posted by ovais View Post
    You probably haven't explored it fully. CXS and LMD both provides real time protection using kernel inotify as well as Mod_Security and Ftp hooks.
    Of course I am aware of LMD and inotify, but from our tests and experience, it does just nothing. It does not detect 70% of the malware. Also, it occupies a lot of CPU power without providing any real time protection.

    LMD is fine for running occasional on-demand scans, but not for real time protection... We would never trust LMD over CXS on a shared server.

    CXS does a far better job with almost 0% CPU utilization.
    Last edited by NetworkPanda; 01-14-2014 at 08:49 AM.
    Network Panda :: Web Hosting SSD Powered :: Reseller Hosting
    Instant activation, fast servers, SSD disks, cPanel, Softaculous 1-click apps installer, daily backups, SSL certificates
    Multiple hosting locations: USA, Canada, France, UK, Germany, Italy, Spain, Poland, Finland

  7. #7
    Join Date
    Apr 2002
    Location
    Troy, MI
    Posts
    309
    Quote Originally Posted by NetworkPanda View Post
    Of course I am aware of LMD and inotify, but from our tests and experience, it does just nothing. It does not detect 70% of the malware. Also, it occupies a lot of CPU power without providing any real time protection.

    LMD is fine for running occasional on-demand scans, but not for real time protection... We would never trust LMD over CXS on a shared server.

    CXS does a far better job with almost 0% CPU utilization.
    I am inclined to disagree (biased of course) that LMD real-time protection consumes large amounts of CPU. We use at A Small Orange brands LMD on a substantially large server fleet with no tangible CPU issues from LMD doing inotify watches. Further, shy of 70k servers that check-in to rfxn.com daily, some 20% use real time protection and there are very few complaints regarding issues with it. That being said, there are some shortcomings with how LMD implements inotify that I am aware of and addressing in version 1.5 but they do not take away from its utility as a reliable solution, especially when coupled with ClamAV.

    Please feel free to e-mail ryan [at] rfxn.com with any specific issues you may have or have had with it and I would welcome the feedback to be able to address the issues.
    Last edited by tchryan; 01-15-2014 at 03:16 AM.
    Ryan MacDonald
    Lead Administrator | TotalChoice Hosting
    Choice Does Matter! | Serving over 26,000 clients

  8. #8
    Agreed, used in conjunction with ClamAV it speeds up the scanning a lot.

    To the OP, there is also www.pyxsoft.com which works with modsecurity to also provide realtime protection and upload scanning. Not as extensive as LMD or CSX. My suggestion would be to use all 3, can never have enough protection against uploads etc.
    Tara Roberts
    www.whmxtra.com

  9. #9
    Join Date
    Dec 2009
    Posts
    140
    Quote Originally Posted by rfxn View Post
    That being said, there are some shortcomings with how LMD implements inotify that I am aware of and addressing in version 1.5 but they do not take away from its utility as a reliable solution, especially when coupled with ClamAV.

    Please feel free to e-mail ryan [at] rfxn.com with any specific issues you may have or have had with it and I would welcome the feedback to be able to address the issues.
    Hey Ryan,

    When will you release v1.5 ?

  10. #10
    Join Date
    Aug 2005
    Location
    Egypt
    Posts
    110
    GNU/Linux system Engineer
    Contact Me: 00201003338749

  11. #11
    Join Date
    Apr 2002
    Location
    Troy, MI
    Posts
    309
    Quote Originally Posted by bdx33 View Post
    Hey Ryan,

    When will you release v1.5 ?

    Apologies for late reply, I aiming to release LMD 1.5 within the next 30 - 60d. I will issue a blog post on rfxn.com once it goes up along with a corresponding WHT post and updating the WHT Wiki article.

    Thanks.
    Ryan MacDonald
    Lead Administrator | TotalChoice Hosting
    Choice Does Matter! | Serving over 26,000 clients

  12. #12
    Join Date
    Apr 2013
    Posts
    68
    send ticket to pyxsoft. got no reply since 24 hour, its not working and stuck while scanning server

Similar Threads

  1. cxs and Linux Malware Detect (LMD)
    By tumble in forum Hosting Security and Technology
    Replies: 2
    Last Post: 01-26-2013, 09:57 PM
  2. how uninstall Linux Malware Detect ( LMD )?
    By ertebat7 in forum Hosting Software and Control Panels
    Replies: 1
    Last Post: 10-12-2012, 11:54 AM
  3. Linux Malware Detect
    By mcaynoz in forum Hosting Security and Technology
    Replies: 4
    Last Post: 05-28-2012, 01:08 AM
  4. Linux Malware Detect , Command needed
    By monitor2000com in forum Hosting Security and Technology
    Replies: 1
    Last Post: 06-28-2011, 03:25 PM
  5. rkhunter or Linux Malware Detect
    By xmlxp in forum Hosting Security and Technology
    Replies: 4
    Last Post: 08-19-2010, 06:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •