Hi,
I really like the CSF tool but am getting lots of alerts for suspicious process and excessive resource usage . These are for processes I know about and am ok with the resource usage.
I've got them filtered to go into a special mail folder, but the constant alerting obscures when I get an email I want to read. Similarly, I'll never know if I really DO have something problematic because the...
I have tried using different paths and regular expressions pointing to the executable that is causing me constant excessive resource emails but I can't seem to find the right one. I am currently getting that the executable is the following:
what can i do ? i have changed all account passwords but somwthing continue to create this process.
This is a joomla website (updated) . I need exploit scanner?
Since the last week my CSF install stops in the morning. I cannot find why and it does not restart by itself. I run start manually and runs all day without problem.
In the Logs i see this:
Nov 27 03:25:20 emma lfd : iptables appears to have been flushed - running *csf startup*...
Nov 27 03:25:25 emma lfd : csf startup completed
Nov 27 03:25:25 emma lfd : *Error* csf reported an error...
For the last week or so a server has had a very high load. The server has 4G of RAM and only has 6 websites on it and they are very low usage. When viewing the top processes LFD is always the top process and throughout the day, I get email notices from the server that it is out of memory and has killed and restarted lfd. Here is the top process on the server currently showing it using 60% of...
This has started happening since 10.04 as far as we can tell. We'll reload CSF (csf -r) and all is good, 5 minute later the v6 rules have gone. We have some rules:
tcp|out|d=1234|d=host.example.org
Where host.example.org has a single v4 and single v6 address.
The v4 rules get created, the v6 rules are created, but then when the dyndns timer expires and the rules should be re-created, they...
I have a Centos 6 cPanel server, which has only recently been setup (within the last month).
I have installed and configured CSF, and it works very well for the most part. However, I noticed that the server's time has started running slow. At first, when I tried to re-sync manually, CSF blocked the Time Server, but I resolved this, and now manual syncing works well. However, I have...
If you disable LFD in the CSF configuration (LF_DAEMON = 0 ) it will still be enabled in systemd. This means that systemd will try to start LFD on boot. That will fail because if LFD is disabled in the configuration the lfd binary will immediately kill it's own process.
root@server:~/csf# lfd
Killed
This is caused by line 6704 in /usr/sbin/lfd (version 10.00).
I don't know what I'm doing wrong. Messenger works and it gives me the screen when I get blocked, but when I pass the reCAPTCHA (and I get the confirmation message) it doesn't unblock the IP, temp block or perm block.
How could I debug this? Is it the user that I created for it to run? I created it like this: useradd -rUM -s /sbin/nologin csf
Hi security guys,
Blocking ports doesn't seem to be working for me in CSF. I am also using csf from webmin console.
Have removed port 80 from TCP_IN, UDP_IN, TCP6_IN, UDP6_IN and restarted it through csf -r
still i can see 80 is not blocked yet from outside.
=======================
# ./csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum