Scan with iScanner
Server hacking is a common problem that webhosts face. The intrusion can be caused by several reasons like malicious scripts, vulnerabilities in the server etc.
Get started with iScanner
Download iScanner from here. And extract it :
# tar -zxvf iscanner.tar.gz
Since the tool doesn’t need any external libraries, you just need Ruby enabled in the server. The installation steps are described here in detail.
The page also give you various usage options. A few common ones are :
iscanner -f : Use this option to select the folder you want to be scanned(say /home/user/public_html).
iscanner -F : Use this option to scan a specific file(say /var/html/suspicious-home.php).
iscanner -m : This allows iScanner to send a copy of the infected log to selected email address. Usage is :
iscanner -f /home/user/public_html -m email@example.com
iscanner -c : This option will remove the malicious code from the infected files with out deleting the infected files. Be sure to check the iscanner log, to ensure that only malicious code is removed.
There are many other iScanner options available (iscanner -h). You can also configure iScanner to scan all files uploaded by users using ftp server and send email alert if malicious file has been detected.
In short, iScanner is a handy tool that makes life easier for a system/website administrator.
About the Author :
Anju KA works as a Senior Software Engineer in Bobcares. She joined Bobcares back in 2008.
Edited by Sankar H