09-15-2010, 11:15 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Mar 2009
Posts: 63
|
|
Linux Malware Detect vs ConfigServer eXploit Scanner
Any experience in using these tools. Do they achieve the same results? CSX has the advantage of being integrated in cPanel but the disadvantage of not being free.
|
09-15-2010, 11:24 AM
|
|
Disabled
|
|
Join Date: May 2006
Posts: 1,398
|
|
cxs hands down, maldet is good free software but cxs is real good if you can afford it
|
09-15-2010, 11:30 AM
|
|
I like ice cream
|
|
Join Date: Mar 2003
Location: California USA
Posts: 11,637
|
|
They perform different jobs.
Anyway:
Maldet is actively worked on with hundreds of new signatures added every month. Ryan is also working with clamav to have those same signatures included in their software.
FYI: CXS is not going to detect malware that has been uploaded through an RFI exploit unless you run an on-demand scan.
Last edited by Steven; 09-15-2010 at 11:33 AM.
|
09-15-2010, 11:40 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Mar 2009
Posts: 63
|
|
Quote:
Originally Posted by Steven
They perform different jobs.
|
I was under the impression they did the same or at least very similar things.
|
09-15-2010, 11:42 AM
|
|
I like ice cream
|
|
Join Date: Mar 2003
Location: California USA
Posts: 11,637
|
|
Quote:
Originally Posted by Logicidea
I was under the impression they did the same or at least very similar things.
|
They are very similar but they work slightly different.
For what its worth - I get more results from maldet.
|
09-16-2010, 04:08 AM
|
|
WHT Addict
|
|
Join Date: Apr 2009
Location: Athens,Greece
Posts: 105
|
|
which other scripts will you suggest performing similar job to cxs?
intergrated with cpanel , are there any available for free
|
09-16-2010, 05:15 AM
|
|
Web Hosting Guru
|
|
Join Date: Mar 2010
Posts: 261
|
|
Maldet does not detect all malicious scripts.
Opt for cxs.
__________________
Hillock Hosting
Unlimited Hosting Solution
Reliable Shared | Reseller| VPS Hosting Services
|
09-16-2010, 03:36 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Aug 2008
Location: Troy, MI
Posts: 62
|
|
Quote:
Originally Posted by Hillockhosting
Maldet does not detect all malicious scripts.
Opt for cxs.
|
One could argue the very same for CXS, none will detect every single threat. However, LMD is community supported and allows for users to easily submit signatures for addition to the project in addition to some glaring project principles that set it apart from CXS, in how signature data is gathered and features such as real-time monitoring.
Check out http://www.rfxn.com/projects/linux-malware-detect/ for all the details and the latest blog post for LMD at:
http://www.rfxn.com/signature-updates-threat-database/
__________________
Ryan MacDonald
Lead Administrator | TotalChoice Hosting
Choice Does Matter! | Serving over 26,000 clients
|
09-17-2010, 01:01 AM
|
|
I like ice cream
|
|
Join Date: Mar 2003
Location: California USA
Posts: 11,637
|
|
Quote:
Originally Posted by Hillockhosting
Maldet does not detect all malicious scripts.
Opt for cxs.
|
Correct. However Maldet finds scripts that cxs doesnt find. Clamav finds scripts that neither of them find. Both of them find scripts that clamav does not find.
Point here is - overlap them. It will be better for your servers health.
|
09-18-2010, 03:12 PM
|
|
Junior Guru
|
|
Join Date: Sep 2007
Location: Vijayawada
Posts: 180
|
|
Our thoughts are similar to Steven's in a way.
How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
__________________
█ TUXG Hosting - shared hosting simplified
█ Linux | BSD ~ Joomla | Drupal
█ o 99.9% Uptime o Anytime Phone Support o 30-day Moneyback
Last edited by tuxg; 09-18-2010 at 03:16 PM.
|
09-18-2010, 04:16 PM
|
|
I like ice cream
|
|
Join Date: Mar 2003
Location: California USA
Posts: 11,637
|
|
Quote:
Originally Posted by tuxg
Our thoughts are similar to Steven's in a way.
How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
|
Differences in opinions will never let that happen.
|
09-19-2010, 01:39 AM
|
|
Junior Guru
|
|
Join Date: Apr 2002
Location: Canada
Posts: 239
|
|
Quote:
Originally Posted by tuxg
Our thoughts are similar to Steven's in a way.
How about an authoritative and all-inclusive signature database, which can be used by all these so that everyone get benefited?
|
By working with ClamAV malware team to exchange signature data and along with the CymRU malware hash registery, the LMD project contributes back to the malware detection community at large and helps to strengthen other existing tools in providing accurate and current threat detection. I should also point out that LMD also helps CXS by doing this in that CXS is a wrapper for ClamAV to an extent and in improving ClamAV malware detection, LMD is indirectly improving CXS.
__________________
'Make no mistake, the odds are not in your favor -- you have to patch every hole,
but an attacker need find only one to get into your environment.'
R-fx Networks - Linux Software & Blog | http://www.rfxn.com
|
09-19-2010, 05:18 AM
|
|
Web Hosting Master
|
|
Join Date: Jan 2007
Posts: 584
|
|
Are these very resources expensive? Which one is the lightest to run on shared hosting environment?
|
09-19-2010, 04:41 PM
|
|
I like ice cream
|
|
Join Date: Mar 2003
Location: California USA
Posts: 11,637
|
|
The initial scan from lmd is resource expensive, further scans are not.
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
