The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

eximscan x mailscanner and security issue

Discussion in 'Security' started by claudio, Sep 12, 2004.

  1. claudio

    claudio Well-Known Member

    Joined:
    Jul 31, 2004
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    Hi Guys

    In my RH9 box i have the following sentence on my serverstatus:

    exim (exim-4.41-140_cpanel_stmpcontrol_antivirus_rewrite_mailman2_maskedmailtrap_exiscan)

    Does it means i have already installed exiscan and exim antivirus ?

    Should i consider in installing mailscanner? Should i install clamd? i searched in ssh and i just found /scripts/checkstatus_clamd but it seems not to be installed...

    by the way in my logwacth i always realize some asian ip adressess trying to login and as i already disable root login and put some of then in my hosts.deny list but as well i have a apf installed and both of my local adls providers are dynamic ips do you think should i keep on putting their ips in my hosts.deny? or is there other efficient way to handle this?

    i also wanna know where is located ssh access log files cause i just see then in my email after my cron send it to me and should i disable iptables after installing apf (i did that)?

    Thanks and regards

    Claudio
    :confused:
     
    #1 claudio, Sep 12, 2004
    Last edited: Sep 12, 2004
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    A lot of separate questions:

    1. All that the exim line means is that you have exim installed that is capable of using exiscan, not that it is installed and configured.

    If you do want MailScanner, then I can recommend the installer at:
    http://www.webumake.com/free/mailscanner.htm

    ClamAV is a separate matter. You could install the cPanel clamavconnector (under WHM > Addon Modules) which installs its own copy of ClamAV, or you could install it and use it through MailScanner using the following information:
    http://forums.cpanel.net/showthread.php?s=&threadid=24718

    2. I believe that APF loads the kernel modules it requires to run its iptables firewall, so the iptables startup may not be necessary - you'll soon find out after a reboot if APF doesn't start. However, it's certainly not necessary to stop iptables running as APF will flush any rules before loading.

    3. The SSH logins (on a Linux server) are logged to:
    /var/log/secure
    /var/log/messages

    Logins in general are logged to /var/log/wtmp which is read using the last utility:

    last -da
     
  3. cguimont

    cguimont Well-Known Member

    Joined:
    Jul 13, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    lol chirpy...
    I find it funny, because there are a lot of people asking questions on mailscanner.. and it's always the same answer...

    Some peoples should make searches in the forums before asking questions..

    anyways, thanks for your devotion chirpy
     
  4. claudio

    claudio Well-Known Member

    Joined:
    Jul 31, 2004
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    Dear Chirpy

    Thanks a lot for your patience

    APF seems to be running without iptables (or at least without iptables start up)

    Anyway i will install masilscanner as well as clamav..

    Thanks Again

    Claudio
     

Share This Page