LinkBack URL
About LinkBacksQuarantine files not overwrited... But your ide is good, i will do it..Originally Posted by JamesSmith
Quarantine files not overwrited... But your ide is good, i will do it..
Also, a neat feature would be to create a directory named after the username in the quarantine directory. As if more than one account becomes compromised and uploads done at the same time we could have the same files being quarantined, overwriting each other.
/quarantine/username/infectedfiles
The current download is missing ftp_clamscan_config.php. Can you please provide me a working ftp_clamscan_config.php file?
Could you provide manual for installing it on PROFTPd?
Thank you
Updated !!!
check it out : anti-gumblar.oxio.net
I can find only instructions for pureftpd there..
I do exact know that proftpd can use clamav for file scanning.
and I think this functionality can help
Not yet... But I'm planning to add proftpd support. But I guess proftpd has not similar function to check files after or while upload...
:cool:
Whoa. This is probably the most useful script I have seen. Installed it, runned some tests, looks perfect and does it's job.
hidonet, please keep up the great job. People, if you like the script, donate. He is doing this for free.
hidonet, I would suggest one thing to fix for some future release:
1. All infected files gets transfered in /quarantine/clamav. If you could make it /quarantine/clamav<username>/ would be great!
Hello,
There is an iframe exploit, which generates .pl files and those start sending mails from server localhost.
Is this give protection for this also ?
I can add if you want.
Please send me the content of file. Please make zip and send to hidonet [at] oxio.net
This script seems very insteresting and useful, for some reason it does not work in my server... I will keep trying to get it to work..
if your server is linux/cpanel/pure-ftpd script can work. if you are getting errors please tell me. i can help you for fix these problems..
Hi great work !!
I honestly appreciate what you have made for the community.
I would like to request 2 things to enhance the features:
1. I have two servers and get the alerts on the same email address for both the servers. Can you add the server hostname in the email subject? like:
Gumblar Attack !!! user : trafficn on [HostNameHere]
2. when the files are quarnteened, its a very logical and good idea to move the files to directories with the username.
I;d request you add the username dir so the file is moved to the relevent user folder. like:
/quarantine/clamav/UserNameHere/infectedfile.ext
Thanks and hope these can be implemented in the next update.
Ok I will do these requests in next release ( soon )...
Reply With Quote