Results 11 to 14 of 14
I'm not good enough with "locate" to yet know how to separate out by date but I'm certain it can be done. try "man locate" for options. Full path to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 08-05-2012 #11
- 08-29-2012 #12
- Join Date
- Aug 2012
I think my previous F Opyum Team attack, have created/installed some malware within my pages. So now my homepage activates malware but only sometimes. Not with every request.
Is there anyway to find the malware and fix the issue without restoring any backup?
I have a VPS/Webmin/CentOS 5 or 6 im not sure.
- 08-29-2012 #13
Previous recommendation still stands.
Install from scratch.You must always face the curtain with a bow.
- 08-30-2012 #14
- Join Date
- Aug 2009
As far as I've seen Opyum is only deployed after the attacker gained root so the notion of somehow being able to "contain and clean up" is completely misplaced and any attempt at doing so anyway will prove to be a waste of time. If you're one of those users who chose Linux because it was a cheap deal (kind of evidenced by you saying "i am not good with linux commands" and using a web-based server management panel) then you should realize that because Linux is available free of cost does not mean using it is free of responsibilities.
It would be best if you start by gaining basic and admin Linux knowledge (search for "Rute" and see your distributions documentation to start with) and use a local Linux installation to practice (use any virtualization like QEmu, VirtualBox, VMWare or whatever you prefer) and mimic / mirror your production host on. After you feel comfortable enough you should ask your host for a clean installation (meaning no running publicly accessible services except SSH), properly harden it and only then configure and harden your publicly accessible services.
Security being an ongoing process what I've outlined is in a nutshell the start of things and doesn't include everything you should do to have and maintain a well-performing, trustworthy system. If that sounds like too much for you then try to see things from a different point of view: your unique (let's hope so) web site content and the time and effort you put into things represents an investment. And only a fool would think an investment doesn't need protecting.