Maldet alert on bandmin
hi all .
in the never ending search for security i've installed maldet (Linux Malware Detect | R-fx Networks).
CENTOS 6.5 x86_64 kvm " WHM 11.42.0 (build 21)
its flagging bandmin as a problem.
searched google and i see there was a problem a few months ago with that was fixed.
so should maldet be flagging the files still ?
did a whm forced update to try and make sure and still the same.
bandmin is $VERSION = "1.6.1";
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandminstart
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/services.conf
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandmin
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/ipaddrmap
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bmversion.pl
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandmin.conf
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandminconf
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/htdocs/index.cgi
{HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandminstop
-
My current maldet flags these too. Just add /usr/local/bandmin/ to /usr/local/maldetect/ignore_paths echo "/usr/local/bandmin/" >> /usr/local/maldetect/ignore_paths0 -
Hello :) You could compare the md5sum values of those files on your server to those of a clean server using the same version of cPanel if you were concerned about the legitimacy of the files themselves. Thank you. 0
Please sign in to leave a comment.
Comments
2 comments