Security Basics mailing list archives
Re: does any program to monitor files on a linux shared host?
From: BH <lists () blackhat bz>
Date: Fri, 23 Sep 2011 01:37:34 +0800
If the site is important, please please please consider a VPS or dedicated server. I would never use shared hosting for an important site, a _LOT_ of people seem to deploy a Joomla/Wordpress/<Insert CMS/Forum/etc.> and then leave it with no updates.
With that out of the way, it would be trivial to write a perl script that recurses doing an md5 of files to compare to another file or database and check for extra files. You should be able to run that as a cron then. Depending on how paranoid, do an import with a known good copy of the database/file and script to ensure that nothing has changed and the hashes just updated by the attacker.
If you are running a VPS or dedicated server I would recommend using ossec for this task. I was interested in doing this exact task and moved all of my sites onto a few VPS's around the place and use ossec as it does this exact job perfectly.
On 22/09/2011 9:36 PM, Ali Asghar Toraby Parizy wrote:
Hi I have a site that is performed on linux server (www.inmotionhosting.com) . The only tool that I can use is cpanel, because it is a shared host. I'm going to find a program to monitor files in shared host? I don't know what is the name of the such program. But I'm looking for a program like SIEM for shared http servers. I want know wich file is accessed without sufficient authorizations. does exsit any program to do this on a linux shared host? Who can help me? ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- does any program to monitor files on a linux shared host? Ali Asghar Toraby Parizy (Sep 22)
- Re: does any program to monitor files on a linux shared host? BH (Sep 23)
- Re: does any program to monitor files on a linux shared host? Todd Haverkos (Sep 23)