Results 1 to 3 of 3
  1. #1

    Possible trojans?

    I just ran a scan for trojan horses in WHM and it came up with "687 POSSIBLE Trojans". WTH? Are these real trojan horses? If so, how do I remove them?

  2. #2
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    It's possible that any changes made to the OS would have resulted in a different md5 sums for the binaries, which can *sometimes* confuse WHM into thinking the file changes are trojans... given that there are 687 files found, that would be the likely scenario.

    If you want a second opinion, you should contact a server management company to do a security audit of your server just to confirm that it is the md5 mismatches causing the false positives with the trojan scanner.
    Patrick William | RACK911 Labs | Software Security Auditing
    400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com

    www.HostingSecList.com - Security notices for the hosting community.

  3. #3
    Join Date
    Nov 2006
    Location
    search.php?do=getnew
    Posts
    1,238
    I just ran a scan for trojan horses in WHM and it came up with "687 POSSIBLE Trojans". WTH? Are these real trojan horses? If so, how do I remove them?
    Hi Jumper007,

    The trojan scanner that WHM uses is notorious for being -very- inaccurate with the results - the best way to find trojans is to either do it by hand using logs and traces or to hire a server administrator to do it for you.
    http://www.rskeens.com
    A casual blog mainly about the web hosting industry

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •