Results 1 to 14 of 14
  1. #1

    Linux Malware Detect vs ConfigServer eXploit Scanner

    Any experience in using these tools. Do they achieve the same results? CSX has the advantage of being integrated in cPanel but the disadvantage of not being free.

  2. #2
    Join Date
    May 2006
    Posts
    1,398
    cxs hands down, maldet is good free software but cxs is real good if you can afford it

  3. #3
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,262
    They perform different jobs.

    Anyway:
    Maldet is actively worked on with hundreds of new signatures added every month. Ryan is also working with clamav to have those same signatures included in their software.

    FYI: CXS is not going to detect malware that has been uploaded through an RFI exploit unless you run an on-demand scan.
    Last edited by Steven; 09-15-2010 at 11:33 AM.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.

  4. #4
    Quote Originally Posted by Steven View Post
    They perform different jobs.
    I was under the impression they did the same or at least very similar things.

  5. #5
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,262
    Quote Originally Posted by Logicidea View Post
    I was under the impression they did the same or at least very similar things.
    They are very similar but they work slightly different.

    For what its worth - I get more results from maldet.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.

  6. #6
    Join Date
    Apr 2009
    Location
    Athens,Greece
    Posts
    105
    which other scripts will you suggest performing similar job to cxs?
    intergrated with cpanel , are there any available for free
    k-planethost
    shared hosting,reseller vps at http://k-planet.gr

  7. #7
    Maldet does not detect all malicious scripts.

    Opt for cxs.
    Hillock Hosting
    Unlimited Hosting Solution
    Reliable Shared | Reseller| VPS Hosting Services

  8. #8
    Join Date
    Aug 2008
    Location
    Troy, MI
    Posts
    62
    Quote Originally Posted by Hillockhosting View Post
    Maldet does not detect all malicious scripts.

    Opt for cxs.
    One could argue the very same for CXS, none will detect every single threat. However, LMD is community supported and allows for users to easily submit signatures for addition to the project in addition to some glaring project principles that set it apart from CXS, in how signature data is gathered and features such as real-time monitoring.

    Check out http://www.rfxn.com/projects/linux-malware-detect/ for all the details and the latest blog post for LMD at:
    http://www.rfxn.com/signature-updates-threat-database/
    Ryan MacDonald
    Lead Administrator | TotalChoice Hosting
    Choice Does Matter! | Serving over 26,000 clients

  9. #9
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,262
    Quote Originally Posted by Hillockhosting View Post
    Maldet does not detect all malicious scripts.

    Opt for cxs.
    Correct. However Maldet finds scripts that cxs doesnt find. Clamav finds scripts that neither of them find. Both of them find scripts that clamav does not find.

    Point here is - overlap them. It will be better for your servers health.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.

  10. #10
    Join Date
    Sep 2007
    Location
    Vijayawada
    Posts
    185
    Our thoughts are similar to Steven's in a way.
    How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
    Last edited by tuxg; 09-18-2010 at 03:16 PM.
    TUXG Hosting - shared hosting simplified
    Linux | BSD ~ Joomla | Drupal
    o 99.9% Uptime o Anytime Phone Support o 30-day Moneyback

  11. #11
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,262
    Quote Originally Posted by tuxg View Post
    Our thoughts are similar to Steven's in a way.
    How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
    Differences in opinions will never let that happen.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.

  12. #12
    Join Date
    Apr 2002
    Location
    Canada
    Posts
    247
    Quote Originally Posted by tuxg View Post
    Our thoughts are similar to Steven's in a way.
    How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
    By working with ClamAV malware team to exchange signature data and along with the CymRU malware hash registery, the LMD project contributes back to the malware detection community at large and helps to strengthen other existing tools in providing accurate and current threat detection. I should also point out that LMD also helps CXS by doing this in that CXS is a wrapper for ClamAV to an extent and in improving ClamAV malware detection, LMD is indirectly improving CXS.
    'Make no mistake, the odds are not in your favor -- you have to patch every hole,
    but an attacker need find only one to get into your environment.'

    R-fx Networks - Linux Software & Blog | http://www.rfxn.com

  13. #13
    Join Date
    Jan 2007
    Posts
    584
    Are these very resources expensive? Which one is the lightest to run on shared hosting environment?
    Peter Orga-Sales -sales@sexywing.com
    SexyWing - flying adult hosting service
    Profitable adult hosting provider Since 2006
    http://www.sexywing.com

  14. #14
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,262
    The initial scan from lmd is resource expensive, further scans are not.

  15. Newsletters

    Subscribe Now & Get The WHT Quick Start Guide!

Similar Threads

  1. rkhunter or Linux Malware Detect
    By xmlxp in forum Hosting Security and Technology
    Replies: 4
    Last Post: 08-19-2010, 06:38 PM
  2. eXploit Scanner (cxs)
    By relaxiha in forum Hosting Security and Technology
    Replies: 21
    Last Post: 07-05-2010, 02:01 PM
  3. Replies: 0
    Last Post: 02-22-2010, 07:24 AM
  4. Linux scanner for malware?
    By stablehost in forum Running a Web Hosting Business
    Replies: 15
    Last Post: 12-22-2009, 11:45 AM
  5. ConfigServer eXploit Scanner (cxs) - Released!
    By chirpy in forum Software & Scripts Offers
    Replies: 4
    Last Post: 11-19-2009, 07:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •