I was wondering if there was a malware scanner for websites with up to date exploits for use on a Debian webs server with Apache2.2?
Vulnerability scanners are great, but I also want to be sure that undetected hacking attempts that infect my files with malware get's detected.
I already uses these tools to monitor my system:
- Clam AV (anti virus)
- Paros (vulnerability scanner)
- Wapiti (vulnerability scanner)
- Scrawlr (vulnerability scanner)
- W3af (vulnerability scanner)
- Mod_security
EDIT:
I am looking for something like the Sucuri scanner just installed on my webserver.
Best Answer
Sounds like you have them mostly covered. Do you run a file scanner that runs MD5 hashes to monitor file changes, like Tripwire? That's the best way to detect "unknown" hacks, since it will tell you when files are altered and you don't necessarily know how it happened.