ConfigServer eXploit ScannerSecurity
ConfigServer eXploit Scanner (cxs) actively scans files as they're uploaded to the server.
ConfigServer eXploit Scanner (cxs) is a new tool that performs active scanning of files as they are uploaded to the server.
The active scanning of uploaded files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. This includes recent exploits such as the Dark Mailer spamming script (multiple variants, including obfuscated code regardless of file name) and files uploaded with the Gumblar Virus. It can also prevent the uploading of PHP and perl shell scripts, commonly used to launch more malicious attacks and for sending spam.
Active scanning is performed on all text files uploaded through:
- PHP upload scripts (via a mod_security or suhosin hook)
- Perl upload scripts (via a mod_security hook)
- CGI upload scripts (via a mod_security hook)
- Any other script type that utilizes the HTML form ENCTYPE multipart/form-data (via a mod_security hook)
ConfigServer eXploit Scanner also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). You can run scans of existing user data to see if exploits have been uploaded in the past or via methods not covered by the active scanning. It has been tuned for performance and scalability.
User Reviews (3)
I installed the free version of this. It fills a major need though fortunately I've only gotten false alarms. It has proven extremely useful in blocking problem countries completely and easily, and apparently quite efficiently as well. Makes it easy to block and unblock IPs. After Mod_Secure, the most useful intrusion detection/prevention tool. My only gripe is the company doesn't tell you when they're updating, so when it auto-updates, it reports to you that its files have changed unexpectedly...
Added by: delphi About 1 year agoOverall rating
I can't believe someone gave this app 1/5 because it's not free. ConfigServer eXploit Scanner is an app that performs real-time scanning of exploits and viruses uploaded via FTP & Web. By default, it watches any changes made to /home/ (configurable to include other folders like /tmp, etc) and once an exploit is detected from their signature list (over 4000+ php exploits, shell scripts, etc), it automatically quarantines the files. We have found that it stops about 80% of script/exploit abuses on a server. It's not perfect, but what solution is? At under $100 for a lifetime license which gets regular updates, it is much better value than other vendors who are charging $30/month for the same solution.
- Auto-Installers (14)
- Backup Utilities (20)
- Billing Automation (22)
- cPanel Conference Exhibitors (6)
- Development Services (4)
- Domains & DNS (14)
- Email Tools (30)
- Misc. Applications (38)
- Mobile Apps (15)
- Multi-Level Reseller (4)
- Security (49)
- SEO & Marketing Tools (5)
- Themes and Skins (6)
- Web Server Alternatives (13)
- Website Builders (19)