Atomicorp

DarkF@der

Hello, I have created a new VPS fresh install of plesk 12.5 Plesk is running fine and i want to install ASL. When installing i get this error: Warning: mysql_connect(): failed to connect to db on 127.0.0.1: Host '127.0.0.1' is not allowed to connect to this MySQL server in component/c_asl_mysql.php ...

DarkF@der

Nobody??

DarkF@der

Hello, I have multiple VPS running on a node with ASL. the ossec.conf tells <frequency>86400</frequency> scantime when ossec-syscheck will scan. But it will hit all the VPS on the same time....., the disks are running bad because on all syscheck hitting the same time. Now i can edit the ossec. conf ...

DarkF@der

Nobody?

EDIT:

The root cause appears to be related to the use of serial logging in modsecurity.conf:

Code: Select all

SecAuditLogType Serial

i changed to SecAuditLogType Concurrent and now it's working.

DarkF@der

Hello, I build a machine without plesk and want to use modsecurity on nginx But i don't get it working somehow..... :x i have complied nginx with modsecurity like this [root@xxxxxxxxxxxxx modsecurity-2.9.0]#./configure --enable-standalone-module --disable-mlogc [root@xxxxxxxxxxxxx modsecurity-2.9.0]...

DarkF@der

Sorry fixed: )

DarkF@der

Hello,

secure your SSH server with easy-to-use two-factor authentication?

Code: Select all

http://www.howtogeek.com/121650/how-to-secure-ssh-with-google-authenticators-two-factor-authentication/

Anyone using this?

Greetz

DarkF@der

That's the porblem it doesn't say anything

2015-01-12 11:54:54 restore started below directory / to host xxx.xxx.xxx.xxx
2015-01-12 12:15:01 cleaning up after signal ALRM
2015-01-12 12:15:04 restore failed (aborted by signal=ALRM)

I restore it trough the web interface.

DarkF@der

Hello,

I love backuppc but when i try to resore a vps directory i got a "#tar err"
So i can't restore the vps..

anyone knows what's wrong?

Thnx in advanced

DarkF@der

No i'm using centos 6.5

DarkF@der

Hello Scott i can't find sysdig i also notice slowdowns i also notice when i switch to the normal kernel the server will be faster then i use the ASL kernel. [root@serverxx ~]# yum install sysdig Loaded plugins: fastestmirror Setting up Install Process Loading mirror speeds from cached hostfile * as...

DarkF@der

faris wrote:How do they install these themes/scripts? If it is FTP, shouldn't ASL detect it via the FTP clamav integration?

i think it's through FTP or wordpress dashboard, i don't know..

DarkF@der

On 2 domains we got had the cryptophp maleware installed. Was it installed because the user installed a nulled script? Thats the only vector we've seen so far, if you have a different vector please let us know. thanka for the reply, yeah the user installed these nulled templates or script. Some pee...

DarkF@der

Beter use this command:

Code: Select all

find /var/www/vhosts \( -name \*.jpg -or -name \*.png -or -name \*.jpeg -or -name \*.gif -or -name \*.bmp \) -type f -exec file {} \; > scan.out

grep "PHP script text" /root/scan.out

DarkF@der

On 2 domains we got had the cryptophp maleware installed. We find it with this command find -L / -type f -name 'social.png' | xargs file Has ASL a rule for this???? http://blog.fox-it.com/2014/11/18/cryptophp-analysis-of-a-hidden-threat-inside-popular-content-management-systems/#comments We host a l...

Atomicorp

Search found 174 matches

mysql connection prob fresh install

Re: ossec.conf scan time

ossec.conf scan time

Re: Modsecurity nginx failed to work

Modsecurity nginx failed to work

Unit ossec.service failed to load: No such file or director

Secure SSH with google two factor authentication

Re: Backuppc restore error

Backuppc restore error

Re: IP whitelist increases the server load

Re: IP whitelist increases the server load

Re: cryptophp

Re: cryptophp

Re: cryptophp

cryptophp