The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Maldet alert on bandmin

Discussion in 'Security' started by nagyosha, Mar 15, 2014.

  1. nagyosha

    nagyosha Member

    Joined:
    Mar 9, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hi all .
    in the never ending search for security i've installed maldet (Linux Malware Detect | R-fx Networks).
    CENTOS 6.5 x86_64 kvm – WHM 11.42.0 (build 21)

    its flagging bandmin as a problem.
    searched google and i see there was a problem a few months ago with that was fixed.
    so should maldet be flagging the files still ?
    did a whm forced update to try and make sure and still the same.
    bandmin is $VERSION = "1.6.1";


    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandminstart
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/services.conf
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandmin
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/ipaddrmap
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bmversion.pl
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandmin.conf
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandminconf
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/htdocs/index.cgi
    {HEX}perl.generic.fakeproc.49 : /usr/local/bandmin/bandminstop
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    My current maldet flags these too.

    Just add /usr/local/bandmin/ to /usr/local/maldetect/ignore_paths

    Code:
    echo "/usr/local/bandmin/" >> /usr/local/maldetect/ignore_paths
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You could compare the md5sum values of those files on your server to those of a clean server using the same version of cPanel if you were concerned about the legitimacy of the files themselves.

    Thank you.
     
Loading...

Share This Page