ConfigServer eXploit Scanner (cxs) installation on CentOS and DirectAdmin پرینت

  • 6

In this how to we are going to install ConfigServer eXploit Scanner (cxs) on a server with CentOS and DirectAdmin installed.


We need to install some prerequisites before we can install css, otherwise we’ll get errors like this:


Can’t locate Archive/ in @INC (@INC contains: /etc/cxs /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at (eval 41) line 2.
BEGIN failed–compilation aborted at (eval 41) line 2.



If you start cxswatch from command line, you’ll get this…


Starting cxswatch daemon:Can’t locate Linux/ in @INC (@INC contains: /etc/cxs /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /etc/cxs/ line 8.
BEGIN failed–compilation aborted at /etc/cxs/ line 8.



Install prerequisites:

yum install cpan
cpan -i Archive::Zip
cpan -i Archive::Tar
rpm -Uvh epel-release-6*.rpm
yum install perl-Linux-Inotify2

Also make sure you have installed Mod_Security, “Install Mod_Security on a DirectAdmin box” for a step by step guide.

Next we are going to install ClamAV on our server. This can be done via the custom build script that is included in DirectAdmin, use this guide: http://help.directad...item.php?id=370


Download and install cxs:

tar -xzf cxsinstaller.tgz
rm -fv cxsinstaller.*

Now you have to determine what your cxs parameters will be. You can do this via your Admin panel, there’s a new option called “ConfigServer exploit Scanner”. When you determined the startup parameters, add it to /etc/cxs/ Example:

/usr/sbin/cxs --Wstart-Wmaxchild3--Wloglevel0--Wsleep3--report /var/log/cxs.scan --logfile /var/log/cxs.log --mail --exploitscan --virusscan --nosversionscan -I /etc/cxs/cxs.ignore -Q /home/quarantine --options mMOfSGchdnwZRD --qoptions Mhv--summary -C /tmp/clamd.socket -T 5--allusers

And finally you can start cxswatch:

service cxswatch start

آیا این پاسخ به شما کمک کرد؟

« برگشت