Hey guys/gals

My Nobody Check security tool, which was originally developed for Cpanel, has been made available for DirectAdmin users after receiving a great amount of feedback from the current Cpanel users and those who wanted more support!

I need a few beta testers to try it out since I don't actually have a DA server to try it out on :(

The script is safe, I have it auto set to not kill processes as well.

You can read up on the features of Nobody check at: http://www.webhostgear.com/353.html
Don't download that version - it isn't for DA.

Please PM/email me to beta test the new 1.0.3a version of Nobody Check which has Direct Admin support and some great new features like the ability to kill malicious processes, and additional logging.

Email: info (AT ) webhostgear.com

I tested this to see what it realy did ...

he detected da as a milicious process ...

here is the output : Nobody Check 1.0.2
Copyright (c) 2006 Wave Point Media Inc
Made available by www.webhostgear.com
Initializing Scan ...

DETECTION: Process 1429 with name mDNSResponder and path /usr/bin/mDNSResponder
DETECTION: Process 1530 with name directadmin and path /usr/local/directadmin/directadmin
DETECTION: Process 4181 with name directadmin and path /usr/local/directadmin/directadmin
DETECTION: Process 4184 with name directadmin and path /usr/local/directadmin/directadmin
DETECTION: Process 4191 with name directadmin and path /usr/local/directadmin/directadmin
DETECTION: Process 4333 with name directadmin and path /usr/local/directadmin/directadmin
DETECTION: Process 4337 with name directadmin and path /usr/local/directadmin/directadmin

Done
Clean Processes: 0
DETECTED Malicious Processes: 7


I find that a bit strange no?

Yeah you're not suppose to be using 1.02 like I mentioned

"Don't download that version - it isn't for DA. "

You need to PM/email me for a DirectAdmin compatible version to use.

ho, ok, thx :)

i'm setting up some machines right now, so i can test some stuff.

PM sent to you Alrik

Tested on 3 CentOS 4.3 boxes, work fine and it says I'm clean.

Ran it on a CentOS 3.7 box, got this:

Can't locate HTTP/Status.pm in @INC (@INC contains: /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 .) at /usr/bin/GET line 193.
BEGIN failed--compilation aborted at /usr/bin/GET line 193.
Nobody Check 1.0.3a BETA Old Version Please Update
Copyright (c) 2006 Wave Point Media Inc
Made available by www.webhostgear.com
Options: kill bad proc=0 logging lvl=1
Initializing Scan on Thu Aug 24 15:03:40 EDT 2006 ...

httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean
httpd is httpd ...clean

Done Scanning
Clean Processes: 10
Your server is all clean and safe - keep up the good work!

Thanks, I'm making changes so this won't happen anymore. I'll have a: 1.03b BETA release available shortly.

I've already overhauled the (a Beta) version :cool:

Ok, let me know when the updated one goes up :)

nice work, if you want test (CentOS 4.3) PM :)


Wael

pmed the results.

nice one indeed, Centos 4.3 64-bit here if you want