Search found 46 matches
- 13 Dec 2012, 22:52
- Forum: General Discussion (csf)
- Topic: 60 logins per hour in 3600 second interval
- Replies: 1
- Views: 4712
Re: 60 logins per hour in 3600 second interval
Are they checking from multiple devices? IE: computer, phone, tablet... each one will be a login and if they are checking every 3 to 5 minutes on phone and every 3 to 5 minutes on computer etc... Then that will quickly add up.
- 28 Nov 2012, 18:38
- Forum: General Discussion (csf)
- Topic: Cannot start CSF
- Replies: 3
- Views: 4883
Re: Cannot start CSF
This is just a guess, but It seems that some of the iptable modules are missing from your vps. Make sure the following modules are loaded: ipt_MASQUERADE ipt_helper ipt_REDIRECT ipt_state ipt_TCPMSS ipt_LOG ipt_TOS tun iptable_nat ipt_length ipt_tcpmss iptable_mangle ipt_limit ipt_tos iptable_filter...
- 20 Nov 2012, 21:47
- Forum: Suggestions (cxs)
- Topic: Send mail to scripts owner (victims)
- Replies: 13
- Views: 32380
Re: Send mail to scripts owner (victims)
This does not appear to be working properly... I've created the template to look like this: From: support@XXXXX.COM To: [user] CC: [to] Subject: Security Scan detected possible infection. (Hits:[hits]) (Viruses:[viruses]) (Fingerprints:[fingerprints]) Time : [time] User Contact: [user] Our security ...
- 27 Aug 2012, 19:07
- Forum: General Discussion (cxs)
- Topic: plupload.silverlight.xap <- is it safe?
- Replies: 14
- Views: 21784
Re: plupload.silverlight.xap <- is it safe?
Yes it is. Thank you very much.
- 03 Aug 2012, 16:07
- Forum: Suggestions (csf)
- Topic: LFD Feature Request: Slow Attack Check
- Replies: 1
- Views: 3869
Re: LFD Feature Request: Slow Attack Check
I just found 2 IP addresses from Romania, that were sending spam from 4 different, compromised email accounts.
Wonder if this is how they got the login credentials for email??
Wonder if this is how they got the login credentials for email??
- 03 Aug 2012, 15:51
- Forum: Suggestions (cxs)
- Topic: Send mail to scripts owner (victims)
- Replies: 13
- Views: 32380
Re: Send mail to scripts owner (victims)
+1 on this. I think it would be great, if cxs would grab the owners email address (from /var/cpanel/users/username file) and send them an email (that we can customize) that says something like: Our security scanner detected an infection on your site recently and the file has been quarantined. Please...
- 19 Jul 2012, 19:21
- Forum: General Discussion (cxs)
- Topic: plupload.silverlight.xap <- is it safe?
- Replies: 14
- Views: 21784
Re: plupload.silverlight.xap <- is it safe?
So back to the md5sum feature... I have this in my cxs.ignore file # f3c8aaf882d1ed25a7f5fe7fd2ee4d9d is the plupload.silverlight.xap file md5sum:f3c8aaf882d1ed25a7f5fe7fd2ee4d9d hfile:plupload.silverlight.xap hfile:plupload.silverlight.dll Yet I still receive the following email daily: cxswatch Sca...
- 04 Jun 2012, 21:09
- Forum: Suggestions (csf)
- Topic: csf security scan getting wrong PHP version?
- Replies: 1
- Views: 4905
csf security scan getting wrong PHP version?
So just updated one of the servers to the latest csf. csf v5.55 Ran a "Check Server Security" scan and under PHP Version info it says this: Check php version (/usr/local/bin/php) WARNING Any version of PHP (Current: v4.*) older than v5.3.* is now obsolete and should be considered a securit...
- 01 Jun 2012, 22:25
- Forum: Suggestions (cmm)
- Topic: Hourly limit is not compatilbe with 11.32.2
- Replies: 7
- Views: 16120
Re: Hourly limit is not compatilbe with 11.32.2
Still getting this when changing hourly limit for a domain using mail manage...
/scripts/updateemail_limits xxxxxxxx
This command is deprecated, please run /usr/local/cpanel/scripts/updateuserdomains instead
Executing /usr/local/cpanel/scripts/updateuserdomains ...
Changes saved.
/scripts/updateemail_limits xxxxxxxx
This command is deprecated, please run /usr/local/cpanel/scripts/updateuserdomains instead
Executing /usr/local/cpanel/scripts/updateuserdomains ...
Changes saved.
- 25 May 2012, 22:35
- Forum: General Discussion (cxs)
- Topic: plupload.silverlight.xap <- is it safe?
- Replies: 14
- Views: 21784
Re: plupload.silverlight.xap <- is it safe?
Doh... Ignore my question on the hfile deal. I just realized how that's supposed to work
Still do need an answer on the md5sum: however. I think I'm doing that correctly, not 100% sure though.
Still do need an answer on the md5sum: however. I think I'm doing that correctly, not 100% sure though.