• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 417
  • Last Modified:

How can I run Diagnostics/Virus Scan on my Linux Server?

I am concerned about the performance of my Linux server. It's acting... "different".

My suspicions:
10% Virus or Trojan
40% messed up configuration
50% conflicting packages in PHP

I'd really like to rule out the Virus or Trojan.

Is there some way to run a virus/trojan scan on it? (Ubuntu server 6)

Thanks for your time
0
oxygen_728
Asked:
oxygen_728
  • 2
4 Solutions
 
http:// thevpn.guruCommented:
Use top and ps aux to check for CPU and Memory usage. Use jnettop to check for network traffic. Install clamav to do some AV scanning.
0
 
Jan SpringerCommented:
1) www.chkrootkit.org
     easy to install and run.  i use this on my machines.

2) www.mailscanner.info 
    for mail, run MailScanner, Spamassass, ClamAV

3) www.buqtraq.org
    keep on top of vulnerabilities

4) keep a spreadsheet that lists the OS and applications versions
    check them against new releases, particularly security vulnerabilities
0
 
eagerCommented:
If you believe that your Linux system has been compromised, then anything which you run on the system will give you results which are not reliable.  Disconnect the system from the network and boot with a live CD, like Ubuntu.  Then you can run diagnostics.  

There are products like tripwire which will perform an audit of your Linux system. But most depend on your installing a known good system, then installing the product.  
0
 
Jan SpringerCommented:
I'm in agreement with the "if you believe .." - If that's the case, then I would rebuild the machine from scratch.  But the steps up above that I listed are important to be proactive and prevent future intrusions.

Check your httpd log files for unusual activity.  Check "/tmp" for files that shouldn't be there.

If you're using an outdated version of PHP, you stand a chance for a shell kit intrusion.  

Add to that list of security items -> modsecurity for Apache and iptables.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now