The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable or Limit - Trojan Detection

Discussion in 'General Discussion' started by skimpydog, Jun 16, 2006.

  1. skimpydog

    skimpydog Member

    Joined:
    Jun 15, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hello,
    I am new to cPanel and WHM, and I have been asked to help an individual with an issue.

    The Trojan Detection System is having false positives on a FreeBSD box, and it is irritating this individual. Ultimately he wants the Trojan Detection System to be disabled - or to filter the processes that are hidden (maybe a small list of good processes that are running hidden such as dhclient and kerntz). Neither of these are compromised, but WHM is sending messages about these processes being hidden.

    <snip>
    Hidden Pid detected! [pid 31]
    hidden from ps: [yes]
    hidden from kernel: [yes]
    binary location: [/sbin/adjkerntz]

    Hidden Pid detected! [pid 143]
    hidden from ps: [yes]
    hidden from kernel: [yes]
    binary location: [/sbin/dhclient]
    </snip>

    I have noticed in his WHM in the security section the option for doing a quick scan, and for the Trojan scan are not there (this is to say there are no "icons" that would allow you to choose to do a scan at all...).

    "Fix Insecure Permissions (Scripts)"

    "Manage Wheel Group Users"

    "Modify Apache Memory Usage"

    "Tweak Security"

    This is the entire list in the security section. Does this sound/look right?? Is there anyway to disable or filter the Trojan Detection System??

    I appreciate your time,
    Regards
     

    Attached Files:

  2. xidica

    xidica Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Texas
    confirmed

    I've seen the same false positives for BSD processes, anyone? Please?
     
  3. skimpydog

    skimpydog Member

    Joined:
    Jun 15, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    BSD does show false positives, and and I do not know of any way to make the processes nonresponsive to the cPanel Trojan Detection System (I have not attempted to make a method to filter these out).

    Several users have wanted to disable the cPanel Trojan detection System all together due to this issue.
     
Loading...

Share This Page