Search found 174 matches

by DarkF@der
Fri Nov 27, 2015 9:08 am
Forum: Atomic Protector (formerly ASL)
Topic: mysql connection prob fresh install
Replies: 0
Views: 2165

mysql connection prob fresh install

Hello, I have created a new VPS fresh install of plesk 12.5 Plesk is running fine and i want to install ASL. When installing i get this error: Warning: mysql_connect(): failed to connect to db on 127.0.0.1: Host '127.0.0.1' is not allowed to connect to this MySQL server in component/c_asl_mysql.php ...
by DarkF@der
Wed Sep 02, 2015 4:31 pm
Forum: Atomic Protector (formerly ASL)
Topic: ossec.conf scan time
Replies: 2
Views: 2721

Re: ossec.conf scan time

Nobody?? :oops:
by DarkF@der
Fri Aug 28, 2015 4:38 am
Forum: Atomic Protector (formerly ASL)
Topic: ossec.conf scan time
Replies: 2
Views: 2721

ossec.conf scan time

Hello, I have multiple VPS running on a node with ASL. the ossec.conf tells <frequency>86400</frequency> scantime when ossec-syscheck will scan. But it will hit all the VPS on the same time....., the disks are running bad because on all syscheck hitting the same time. Now i can edit the ossec. conf ...
by DarkF@der
Wed Mar 04, 2015 6:38 am
Forum: General Help and Development Discussion
Topic: Modsecurity nginx failed to work
Replies: 1
Views: 9523

Re: Modsecurity nginx failed to work

Nobody? :oops:

EDIT:

The root cause appears to be related to the use of serial logging in modsecurity.conf:

Code: Select all

SecAuditLogType Serial
i changed to SecAuditLogType Concurrent and now it's working. :lol:
by DarkF@der
Tue Mar 03, 2015 5:11 am
Forum: General Help and Development Discussion
Topic: Modsecurity nginx failed to work
Replies: 1
Views: 9523

Modsecurity nginx failed to work

Hello, I build a machine without plesk and want to use modsecurity on nginx But i don't get it working somehow..... :x i have complied nginx with modsecurity like this [root@xxxxxxxxxxxxx modsecurity-2.9.0]#./configure --enable-standalone-module --disable-mlogc [root@xxxxxxxxxxxxx modsecurity-2.9.0]...
by DarkF@der
Wed Feb 11, 2015 7:43 pm
Forum: General Help and Development Discussion
Topic: Secure SSH with google two factor authentication
Replies: 1
Views: 4019

Secure SSH with google two factor authentication

Hello,

secure your SSH server with easy-to-use two-factor authentication?

Code: Select all

http://www.howtogeek.com/121650/how-to-secure-ssh-with-google-authenticators-two-factor-authentication/
Anyone using this?


Greetz
by DarkF@der
Mon Jan 12, 2015 10:27 am
Forum: General Help and Development Discussion
Topic: Backuppc restore error
Replies: 2
Views: 4825

Re: Backuppc restore error

That's the porblem it doesn't say anything
2015-01-12 11:54:54 restore started below directory / to host xxx.xxx.xxx.xxx
2015-01-12 12:15:01 cleaning up after signal ALRM
2015-01-12 12:15:04 restore failed (aborted by signal=ALRM)
I restore it trough the web interface.
by DarkF@der
Sun Jan 11, 2015 7:04 pm
Forum: General Help and Development Discussion
Topic: Backuppc restore error
Replies: 2
Views: 4825

Backuppc restore error

Hello,

I love backuppc but when i try to resore a vps directory i got a "#tar err"
So i can't restore the vps..

anyone knows what's wrong?

Thnx in advanced
by DarkF@der
Fri Jan 09, 2015 3:40 pm
Forum: Atomic Protector (formerly ASL)
Topic: IP whitelist increases the server load
Replies: 33
Views: 17987

Re: IP whitelist increases the server load

No i'm using centos 6.5
by DarkF@der
Fri Jan 09, 2015 6:40 am
Forum: Atomic Protector (formerly ASL)
Topic: IP whitelist increases the server load
Replies: 33
Views: 17987

Re: IP whitelist increases the server load

Hello Scott i can't find sysdig i also notice slowdowns i also notice when i switch to the normal kernel the server will be faster then i use the ASL kernel. [root@serverxx ~]# yum install sysdig Loaded plugins: fastestmirror Setting up Install Process Loading mirror speeds from cached hostfile * as...
by DarkF@der
Mon Dec 01, 2014 9:05 am
Forum: Atomic Protector (formerly ASL)
Topic: cryptophp
Replies: 11
Views: 7542

Re: cryptophp

faris wrote:How do they install these themes/scripts? If it is FTP, shouldn't ASL detect it via the FTP clamav integration?
i think it's through FTP or wordpress dashboard, i don't know..
by DarkF@der
Sun Nov 30, 2014 7:43 pm
Forum: Atomic Protector (formerly ASL)
Topic: cryptophp
Replies: 11
Views: 7542

Re: cryptophp

On 2 domains we got had the cryptophp maleware installed. Was it installed because the user installed a nulled script? Thats the only vector we've seen so far, if you have a different vector please let us know. thanka for the reply, yeah the user installed these nulled templates or script. Some pee...
by DarkF@der
Mon Nov 24, 2014 2:27 pm
Forum: Atomic Protector (formerly ASL)
Topic: cryptophp
Replies: 11
Views: 7542

Re: cryptophp

Beter use this command:

Code: Select all

find /var/www/vhosts \( -name \*.jpg -or -name \*.png -or -name \*.jpeg -or -name \*.gif -or -name \*.bmp \) -type f -exec file {} \; > scan.out

grep "PHP script text" /root/scan.out
by DarkF@der
Mon Nov 24, 2014 11:50 am
Forum: Atomic Protector (formerly ASL)
Topic: cryptophp
Replies: 11
Views: 7542

cryptophp

On 2 domains we got had the cryptophp maleware installed. We find it with this command find -L / -type f -name 'social.png' | xargs file Has ASL a rule for this???? http://blog.fox-it.com/2014/11/18/cryptophp-analysis-of-a-hidden-threat-inside-popular-content-management-systems/#comments We host a l...