Atomicorp

Check out http://code.google.com/p/naxsi/
From what I understand it doesn't use signatures at all. It uses another method which can supposedly detect new/unkown attacks.
v0.1 was only released 5 days ago so it might be a while until you can use on a production server. I'll test it on a vps though.

If you're using a db for the maps on your postfix server then it shouldn't be too hard. Give your postfix db user permission to connect from the plesk box. Write a shell script (or scripts) on plesk box for modifying the postfix db on external mail server. Add the event triggers in plesk for mail ac...

I didn't see all of the deps in art yet so I went through and found versions that work with the imapsync package from art. Some of the newer packages didn't work so I used the rpmforge versions from the dag repo. Thankfully it's working wonderfully now. This dep list might be missing a few depending...

- Update - I also just tonight received a bounce for an email that I sent a minute earlier however the bounce has the wrong email address. I sent an email to a verified working yahoo email address and this is the bounce I received: Hi. This is the qmail-send program at mydomain.com. I'm afraid I wa...

I received a failure notice for a bounce but the email should not have been sent to the bad email address in the first place because it's my logwatch email. I received the regular logwatch email a minute before the failure notice. The same thing happened at the same time with 2 other nightly log ema...

This is an older thread but for people looking for a solution to the problem try this: It may be as easy as restarting clamd. It was in my case. To be sure though go through these steps: ps -ef | grep clamd Look at the first column. If the user is clamd and not qscand then check the clamd conf file ...

I want to allow websites on the server to be able to run php scripts on another website hosted on the same server without allowing them to view the code for the actual scripts. After working on it for a little while I realized that it's probably not possible without obfuscating the code. This is wha...

This morning I had a lot of spam go through one of my plesk 8.4 centos5 servers. /usr/local/psa/var/log/maillog has this: Sep 1 05:14:24 orange2 relaylock: /var/qmail/bin/relaylock: mail from 220.171.139.240:4813 (not defined) Sep 1 05:14:25 orange2 smtp_auth: SMTP connect from (null)@(null) [220.17...

Thats a marketing number change if Ive ever seen one. You know my opinion on updates.. let it soak. Oh it's definitely a marketing thing. Read the first post by sergius on this page http://forum.swsoft.com/showthread.php?t=53781&page=2 Lol. That made my day. Any confirmation on whether domainKe...

I forgot to specify versions in my original post. Since it's benign I'm not worried but here is some current package info anyway: rpm -qf /etc/security/pam_env.conf pam-0.99.6.2-3.26.el5 pam-0.99.6.2-3.26.el5 rpm -qa | grep pam- psa-libpam-plesk-8.4.0-cos5.build84080425.19 pam-devel-0.99.6.2-3.26.el...

I use a 3Ware 9650SE and 9550SX (both on RAID 5) and they both work really well with centos 5 and asl without having to install additional drivers. I also recommend the BBU module if you aren't already planning on it.

# rpm -qf /usr/local/expand/sbin/expandom expand-2.2.1-27 # rpm -qf /usr/local/expand/sbin/expandtm expand-2.2.1-27 expandom and expandtm are running now however it looks like pax needs to be disabled for everything else in the '/usr/local/expand/sbin' directory. :?: Would it be a bad idea to do 'ch...

I installed the asl kernel but now I'm getting an error when trying to start the expand services. My guess is that PaX is the cause. Here's the error: # service expandtm start Starting expandtm: /usr/local/expand/sbin/expandtm: error while loading shared libraries: libexp.so: cannot enable executabl...

I was wondering if ASL is a good solution for and/or has been tested on a server with Plesk Expand and the centralized dns controller. It doesn't host any websites and doesn't have psa on it. But I still wanted some extra security and a hardened kernel. Specs: CentOS5 64bit (2.6.18-8.1.15.el5) bind-...

I am receiving some odd errors whenever there is a successful connection to the ftp server. Here is an excerpt from /var/log/secure: proftpd: Deprecated pam_stack module called from service "proftpd" last message repeated 2 times proftpd: pam_unix(proftpd:session): session opened for user ...