Why didn't this get quarantined?
Posted: 15 Jan 2013, 14:22
Hello,
CXS 'seems' to have identified this, but for some reason it's not getting quarantined. We've looked over the settings and we must just be missing it. Why isn't this getting quarantined?
Scanning FTP file...
Time : Tue Jan 15 07:07:35 2013 -0600
FTP user : #####
FTP file : /home/#####/public_html/cgi-bin/dm/dm.cgi
FTP owner : ##### (931)
Remote IP : ##.##.##.## (##.##.##.##)
Blocked : No
Deleted : No
Quarantined: No
----------- SCAN REPORT -----------
(/usr/sbin/cxs --qoptions Mv --timemax 30 --quiet --options mMOLfSGchexdnwZDR --doptions Mv --filemax 10000 --ignore /etc/cxs/cxs.ignore --virusscan --sizemax 500000 --ftp --summary --quarantine /home/cxs-quarantine --mail root --clamdsock /tmp/clamd --exploitscan /home/#####/public_html/cgi-bin/dm/dm.cgi)
# Suspected exploit file:
'/home/#####/public_html/cgi-bin/dm/dm.cgi'
# Linux Binary/Executable [application/x-executable]:
'/home/#####/public_html/cgi-bin/dm/dm.cgi'
CXS 'seems' to have identified this, but for some reason it's not getting quarantined. We've looked over the settings and we must just be missing it. Why isn't this getting quarantined?
Scanning FTP file...
Time : Tue Jan 15 07:07:35 2013 -0600
FTP user : #####
FTP file : /home/#####/public_html/cgi-bin/dm/dm.cgi
FTP owner : ##### (931)
Remote IP : ##.##.##.## (##.##.##.##)
Blocked : No
Deleted : No
Quarantined: No
----------- SCAN REPORT -----------
(/usr/sbin/cxs --qoptions Mv --timemax 30 --quiet --options mMOLfSGchexdnwZDR --doptions Mv --filemax 10000 --ignore /etc/cxs/cxs.ignore --virusscan --sizemax 500000 --ftp --summary --quarantine /home/cxs-quarantine --mail root --clamdsock /tmp/clamd --exploitscan /home/#####/public_html/cgi-bin/dm/dm.cgi)
# Suspected exploit file:
'/home/#####/public_html/cgi-bin/dm/dm.cgi'
# Linux Binary/Executable [application/x-executable]:
'/home/#####/public_html/cgi-bin/dm/dm.cgi'