hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Linux Malware Detect vs ConfigServer eXploit Scanner
Reply

Forum Jump

Linux Malware Detect vs ConfigServer eXploit Scanner

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
Junior Guru Wannabe
 
Join Date: Mar 2009
Posts: 63

Linux Malware Detect vs ConfigServer eXploit Scanner


Any experience in using these tools. Do they achieve the same results? CSX has the advantage of being integrated in cPanel but the disadvantage of not being free.



Sponsored Links
  #2  
Old
Disabled
 
Join Date: May 2006
Posts: 1,398
cxs hands down, maldet is good free software but cxs is real good if you can afford it

  #3  
Old
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 13,197
They perform different jobs.

Anyway:
Maldet is actively worked on with hundreds of new signatures added every month. Ryan is also working with clamav to have those same signatures included in their software.

FYI: CXS is not going to detect malware that has been uploaded through an RFI exploit unless you run an on-demand scan.

__________________
Steven Ciaburri | Proactive Linux Server Management - Rack911.com
System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
Managed Servers (AS62710), Server Management, and Security Auditing.
www.HostingSecList.com - Security notices for the hosting community.


Last edited by Steven; 09-15-2010 at 11:33 AM.
Sponsored Links
  #4  
Old
Junior Guru Wannabe
 
Join Date: Mar 2009
Posts: 63
Quote:
Originally Posted by Steven View Post
They perform different jobs.
I was under the impression they did the same or at least very similar things.

  #5  
Old
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 13,197
Quote:
Originally Posted by Logicidea View Post
I was under the impression they did the same or at least very similar things.
They are very similar but they work slightly different.

For what its worth - I get more results from maldet.

__________________
Steven Ciaburri | Proactive Linux Server Management - Rack911.com
System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
Managed Servers (AS62710), Server Management, and Security Auditing.
www.HostingSecList.com - Security notices for the hosting community.

  #6  
Old
WHT Addict
 
Join Date: Apr 2009
Location: Athens,Greece
Posts: 105
which other scripts will you suggest performing similar job to cxs?
intergrated with cpanel , are there any available for free

__________________
k-planethost
shared hosting,reseller vps at http://k-planet.gr

  #7  
Old
Web Hosting Guru
 
Join Date: Mar 2010
Posts: 261
Maldet does not detect all malicious scripts.

Opt for cxs.

__________________
Hillock Hosting
Unlimited Hosting Solution
Reliable Shared | Reseller| VPS Hosting Services

  #8  
Old
Junior Guru Wannabe
 
Join Date: Aug 2008
Location: Troy, MI
Posts: 62
Quote:
Originally Posted by Hillockhosting View Post
Maldet does not detect all malicious scripts.

Opt for cxs.
One could argue the very same for CXS, none will detect every single threat. However, LMD is community supported and allows for users to easily submit signatures for addition to the project in addition to some glaring project principles that set it apart from CXS, in how signature data is gathered and features such as real-time monitoring.

Check out http://www.rfxn.com/projects/linux-malware-detect/ for all the details and the latest blog post for LMD at:
http://www.rfxn.com/signature-updates-threat-database/

__________________
Ryan MacDonald
Lead Administrator | TotalChoice Hosting
Choice Does Matter! | Serving over 26,000 clients

  #9  
Old
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 13,197
Quote:
Originally Posted by Hillockhosting View Post
Maldet does not detect all malicious scripts.

Opt for cxs.
Correct. However Maldet finds scripts that cxs doesnt find. Clamav finds scripts that neither of them find. Both of them find scripts that clamav does not find.

Point here is - overlap them. It will be better for your servers health.

__________________
Steven Ciaburri | Proactive Linux Server Management - Rack911.com
System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
Managed Servers (AS62710), Server Management, and Security Auditing.
www.HostingSecList.com - Security notices for the hosting community.

  #10  
Old
Junior Guru
 
Join Date: Sep 2007
Location: Vijayawada
Posts: 185
Our thoughts are similar to Steven's in a way.
How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?

__________________
TUXG Hosting - shared hosting simplified
Linux | BSD ~ Joomla | Drupal
o 99.9% Uptime o Anytime Phone Support o 30-day Moneyback



Last edited by tuxg; 09-18-2010 at 03:16 PM.
  #11  
Old
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 13,197
Quote:
Originally Posted by tuxg View Post
Our thoughts are similar to Steven's in a way.
How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
Differences in opinions will never let that happen.

__________________
Steven Ciaburri | Proactive Linux Server Management - Rack911.com
System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
Managed Servers (AS62710), Server Management, and Security Auditing.
www.HostingSecList.com - Security notices for the hosting community.

  #12  
Old
Junior Guru
 
Join Date: Apr 2002
Location: Canada
Posts: 246
Quote:
Originally Posted by tuxg View Post
Our thoughts are similar to Steven's in a way.
How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
By working with ClamAV malware team to exchange signature data and along with the CymRU malware hash registery, the LMD project contributes back to the malware detection community at large and helps to strengthen other existing tools in providing accurate and current threat detection. I should also point out that LMD also helps CXS by doing this in that CXS is a wrapper for ClamAV to an extent and in improving ClamAV malware detection, LMD is indirectly improving CXS.

__________________
'Make no mistake, the odds are not in your favor -- you have to patch every hole,
but an attacker need find only one to get into your environment.'

R-fx Networks - Linux Software & Blog | http://www.rfxn.com


  #13  
Old
Web Hosting Master
 
Join Date: Jan 2007
Posts: 584
Are these very resources expensive? Which one is the lightest to run on shared hosting environment?

__________________
Peter Orga-Sales -sales@sexywing.com
SexyWing - flying adult hosting service
Profitable adult hosting provider Since 2006
http://www.sexywing.com

  #14  
Old
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 13,197
The initial scan from lmd is resource expensive, further scans are not.

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
rkhunter or Linux Malware Detect xmlxp Hosting Security and Technology 4 08-19-2010 06:38 PM
eXploit Scanner (cxs) relaxiha Hosting Security and Technology 21 07-05-2010 02:01 PM
ConfigServer cPanel Server Security, Setup and AntiSpam/Exploit Check Services chirpy Systems Management Offers 0 02-22-2010 07:24 AM
Linux scanner for malware? stablehost Running a Web Hosting Business 15 12-22-2009 11:45 AM
ConfigServer eXploit Scanner (cxs) - Released! chirpy Software & Scripts Offers 4 11-19-2009 07:26 PM

Related posts from TheWhir.com
Title Type Date Posted
Linux Malware Operation Windigo Infects 25,000 Web Servers Web Hosting News 2014-03-19 11:44:53
Hard-to-Find Malicious DLL Found in Some Microsoft IIS Web Servers Web Hosting News 2013-12-10 12:52:53
Apache Malware Darkleech Spreads Rapidly with Increase in Attacks Web Hosting News 2013-07-03 12:11:03
Researchers Urge System Admins to Check for New Apache Web Server Backdoor Malware Web Hosting News 2013-05-01 11:35:53
1&1 Survey Finds UK Consumers Skeptical of Small Business Security Online Web Hosting News 2013-01-21 13:38:01


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?