[CentOS] How to detect botnet user on the server ?

marcos valentine

msr.mailing at gmail.com
Mon Nov 6 13:06:11 UTC 2017


Hello guys,


Whats is the best way to identify a possible user using a botnet with php
in the server? And if he is using GET commands for example in other server.

Does apache logs outbound conections ?

If it is using a file that is not malicious the clam av would not identify.

Thanks




<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Livre
de vírus. www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>



More information about the CentOS mailing list