Disable or Limit - Trojan Detection

skimpydog

Member
Jun 15, 2006
5
0
151
Hello,
I am new to cPanel and WHM, and I have been asked to help an individual with an issue.

The Trojan Detection System is having false positives on a FreeBSD box, and it is irritating this individual. Ultimately he wants the Trojan Detection System to be disabled - or to filter the processes that are hidden (maybe a small list of good processes that are running hidden such as dhclient and kerntz). Neither of these are compromised, but WHM is sending messages about these processes being hidden.

<snip>
Hidden Pid detected! [pid 31]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/sbin/adjkerntz]

Hidden Pid detected! [pid 143]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/sbin/dhclient]
</snip>

I have noticed in his WHM in the security section the option for doing a quick scan, and for the Trojan scan are not there (this is to say there are no "icons" that would allow you to choose to do a scan at all...).

"Fix Insecure Permissions (Scripts)"

"Manage Wheel Group Users"

"Modify Apache Memory Usage"

"Tweak Security"

This is the entire list in the security section. Does this sound/look right?? Is there anyway to disable or filter the Trojan Detection System??

I appreciate your time,
Regards
 

Attachments

skimpydog

Member
Jun 15, 2006
5
0
151
BSD does show false positives, and and I do not know of any way to make the processes nonresponsive to the cPanel Trojan Detection System (I have not attempted to make a method to filter these out).

Several users have wanted to disable the cPanel Trojan detection System all together due to this issue.