PLANS
OVERVIEW

MANAGED
SUPPORT SERVICE

PLAN
COMPARISON

FREQUENTLY
ASKED QUESTIONS

REALTIME
FILE SCANNER

DOWNLOAD
BROCHURE

RealTime Upload file eXploit Scanner

Due to the high number of threat attacks on Virtual Private Servers, we recommend that you increase the security by installing a RealTIme Upload File scanner in addition to the firewall. A hacker can exploit a compromised user account to upload malicious scripts and inject malicious code into user accounts. RealTIme Upload File scanner will prevent uploads of Shell Scripts and files which contain malicious code and help safeguard your client data. The Upload File Scanner Security Script can also check for existing exploits on the server.

The active scanning of uploaded files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. This includes recent exploits such as the Dark Mailer spamming script (multiple variants, including obfuscated code regardless of file name) and files uploaded with the Gumblar Virus, also the recent imgaaa.net defacement scripts. It can also prevent the uploading of PHP and perl shell scripts, commonly used to launch more malicious attacks and for sending spam.

The Upload File Scanner Security Script also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). You can run scans of existing user data to see if exploits have been uploaded in the past or via methods not covered by the active scanning. It has been tuned for performance and scalability. While we cannot guarantee that the measures that we suggest will prevent further exploitation, they should help provide you with more information to help you track down any potential future exploit attempts.

There is a annual fee of Rs. 14500 + GST as applicable for installation, configuration and support for this Service to protect the data of your users.

More Information:

The RealTime file eXploit Scanner is a new tool from us that performs active scanning of files as they are uploaded to the server.

Active scanning can be performed on all text files:

  • Actively scans all modified files within user accounts regardless of how they were uploaded (new in v2)
  • PHP upload scripts (via a ModSecurity hook)
  • Perl upload scripts (via a ModSecurity hook)
  • CGI upload scripts (via a ModSecurity hook)
  • Any other web script type that utilizes the HTML form ENCTYPE multipart/form-data (via a ModSecurity hook)
    Pure-ftpd uploads

The active scanning of files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. It can also prevent the uploading of PHP and perl shell scripts, commonly used to launch more malicious attacks and for sending spam.

The RealTime file eXploit Scanner also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). You can run scans of existing user data to see if exploits have been uploaded in the past or via methods not covered by the active scanning. It has been tuned for performance and scalability.

Exploit detection includes:

  • Over 6000 known exploit script fingerprint matches (in addition to standard ClamAV detection)
  • Known viruses via ClamAV
  • Regular expression pattern matching to help identify known/unknown exploits
  • Filename matching
  • Suspicious file names
  • Suspicious file types
  • Binary exeuctables
  • Some illegal web software installations
  • Custom user specified regular expression patterns
  • Reporting of symlink attacks
  • Comprehensive constant scanning of all user data using the cxs Watch daemon - scans all user files as soon as they are modified
  • Daily check for new Exploit Fingerprints
  • Check for old version of popular web scripts (e.g. Wordpress, Joomla, osCommerce)

MySQL

MySQL is a popular Open Source Software relational database management system which uses a subset of ANSI SQL (Structured Query Language).

E-Mail Forwarding & Aliasing

All Mumbai Hosting accounts come with unlimited e-mail forwarding & Aliasing. E-mail forwarding is an email service in which your email is automatically sent (forwarded) from one or more email address, to another (possibly several) specified email address.

Webmail Access

Now you can check your e-mail from any computer with an Internet connection. Mumbai Hosting provides squirrelmail, a web-based professional solution for accessing your e-mail from a web browser.

Mailing List

All Mumbai Hosting accounts come with mailing lists. A Mailing list is a very popular way for people to send and receive information of a particular type. For example, you might wish to add all of your customers to a mailing list and then notify them of upcoming sales or specials by sending only one message to the main list address, which would then send the message to all e-mail addresses contained in that list.

FTP Accounts and Access

The process by which files are transferred to the web server is called 'FTP' (File Transfer Protocol). You have unlimited access via FTP 24 hours a day. As such, you can create and maintain your web pages on your own computer and upload files to your web site at your leisure and you may set up as many FTP user accounts as you like in your Site Manager.

CGI-BIN Support

Every Mumbai Hosting account comes with a personal CGI-BIN. The CGI-BIN is a directory on the server where the executable CGI scripts reside. We have pre-installed some very popular and common CGI scripts in your CGI-BIN already. You have complete control over your CGI-BIN and can install any custom or 3rd party CGI scripts that you would like.

phpMyAdmin

PhpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the web. It can create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, and more.

Subdomains

Subdomains or 3rd level domains are web addresses that operate just under a top level domain, but behave as an independent domain. You can place a word or phrase in place of the standard 'www' (subdomain.domain.com) and redirect all requests for that URL to a different directory within your website. You can set up subdomains from within your Site Manager.

Password Protected Directories

Every Mumbai Hosting account comes with the ability to password protect as many directories as you would like. This can be setup very quickly and easily using the pre-installed control panel on every Mumbai Hosting account.