You probably won't find their code using ClamAV. More likely is that they will inject code in an HREF or some java to download the malicious content from a different site. My experience is that they won't inject code that will be detected by ClamAV, but will inject a pointer to their code.

You need to know when someone injects code when you are not looking. More like aide or some other file checker code. Aide will detect if your files have changed. You can then determine what the changes are or if someone that is not authorized to make changes is changing your webpages.

IMHO, that is the direction you need to look. ClamAV is not the tool needed here.

Lyle

beshoo wrote:
My aim is to stop hackers from saving files to my server via HTTP POST to
a PHP page, or via editing the PHP file from CPANEL and pasting the shellphp
code. That is my goal.


On Mon, Feb 22, 2010 at 7:40 AM, steve <st...@greengecko.co.nz> wrote:

On Mon, 2010-02-22 at 07:10 +0200, beshoo wrote:
Dear all,
While I was looking on the net, I found *mod_clamav*.
It said that it will protect the HTTP traffic. Now, what I did to install it:
PS: my server has CPANEL.
[snip]

What are you trying to achieve? I've never used mod_clamav, but it'll be
checking the content that you serve. Is that OK?

Personally, I protect my web *clients* by using squid proxy, integrating
it via havp to a clamd server.

Which - to me - is much more useful.

Steve
--
Steve Holdoway <st...@greengecko.co.nz>
http://www.greengecko.co.nz
MSN: st...@greengecko.co.nz
GPG Fingerprint = B337 828D 03E1 4F11 CB90  853C C8AB AF04 EF68 52E0

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
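
An added example, not part of the thread and not AIDE itself: a Python script showing the baseline-and-compare idea behind the file checking Lyle recommends in the first reply. The script name, the paths in the usage comment and the JSON baseline format are assumptions made for illustration.

```python
import hashlib
import json
import os
import sys


def file_digest(path, chunk_size=65536):
    """SHA-256 of a file, read in chunks so large files are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root):
    """Map every regular file under root (relative path) to its digest."""
    digests = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            if os.path.isfile(path) and not os.path.islink(path):
                digests[os.path.relpath(path, root)] = file_digest(path)
    return digests


def compare(baseline, current):
    """Report files added, changed or removed since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "changed": sorted(p for p in baseline
                          if p in current and baseline[p] != current[p]),
        "removed": sorted(set(baseline) - set(current)),
    }


if __name__ == "__main__":
    # Usage (hypothetical script name and paths):
    #   python webroot_check.py init  /var/www/html baseline.json
    #   python webroot_check.py check /var/www/html baseline.json
    mode, root, baseline_path = sys.argv[1:4]
    if mode == "init":
        with open(baseline_path, "w") as fh:
            json.dump(snapshot(root), fh, indent=1)
    else:
        with open(baseline_path) as fh:
            report = compare(json.load(fh), snapshot(root))
        print(json.dumps(report, indent=1))
        # Non-zero exit lets cron or a monitoring job raise an alert.
        sys.exit(1 if any(report.values()) else 0)
```

Keep the baseline file somewhere the web server account cannot write, since anyone able to change the pages could otherwise rewrite the baseline as well.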
