Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #41  
Old 21st November 2014, 17:36
concept21 concept21 is offline
Senior Member
 
Join Date: Dec 2011
Posts: 168
Thanks: 32
Thanked 28 Times in 21 Posts
Thumbs down

Did you see the first post's date and my last post's date?
Reply With Quote
Sponsored Links
  #42  
Old 21st November 2014, 17:43
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 432
Thanks: 31
Thanked 0 Times in 0 Posts
Default

Thanks for the reply, but I'm still confused. I tried doing a straight install with no modification and I get this:

Code:
:~/maldetect-1.4.2# /usr/local/maldetect/maldet -m /usr/local/maldetect/maldetfilelist
Linux Malware Detect v1.4.2
            (C) 2002-2013, R-fx Networks <proj@r-fx.org>
            (C) 2013, Ryan MacDonald <ryan@r-fx.org>
inotifywait (C) 2007, Rohan McGovern <rohan@mcgovern.id.au>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(27746): {mon} set inotify max_user_instances to 128
maldet(27746): {mon} set inotify max_user_watches to 30720
maldet(27746): {mon} no valid option or invalid file/path provided, aborting.
Reply With Quote
  #43  
Old 22nd November 2014, 09:50
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,269
Thanks: 84
Thanked 25 Times in 21 Posts
Default

@concept21: who're you talking to? Not getting your comment...

@dayjahone:
- does this file exist? => /usr/local/maldetect/maldetfilelist
- if yes, open it and check the path, do they look ok?
- how about you simply follow the isntallation instructions again, same error?
Reply With Quote
  #44  
Old 22nd November 2014, 19:15
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 432
Thanks: 31
Thanked 0 Times in 0 Posts
Default

@concept21: /usr/local/maldetect/maldetfilelist exists, but the only thing in it is
Quote:
/var/www/clients
I went to that file and see a list of all the clients.

I tried to do a fresh install. When I do the install script now, I get the following error:

Code:
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet

install.sh: line 72: .: .ca.def: file not found
I powered through and am not sure if the inotify line should be
Quote:
inotify=/usr/bin/inotifywait
or
Quote:
inotify=$inspath/usr/bin/inotifywait
I left out the $inspath

When I run it, I get the following:

Code:
maldet(11141): {mon} set inotify max_user_instances to 128
maldet(11141): {mon} set inotify max_user_watches to 30720
/usr/bin/wc: /usr/local/maldetect/sess/inotify.paths.11141: No such file or directory
maldet(11141): {mon} added /var/www/clients to inotify monitoring array
maldet(11141): {mon} starting inotify process on 1 paths, this might take awhile...
maldet(11141): {mon} no inotify process found, check /usr/local/maldetect/inotify/inotify_log for errors.
Reply With Quote
  #45  
Old 23rd November 2014, 08:50
concept21 concept21 is offline
Senior Member
 
Join Date: Dec 2011
Posts: 168
Thanks: 32
Thanked 28 Times in 21 Posts
Thumbs up

It uses its own inotify:
/usr/local/maldetect/inotify/


In my case, maldect v1.4.2 is fully compatible with Ubuntu 10.04 amd64. Here is its daily cron task record, no more modification is needed.
Attached Images
 
Reply With Quote
  #46  
Old 23rd November 2014, 12:58
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,269
Thanks: 84
Thanked 25 Times in 21 Posts
Default

Weird, this is the only changelog of this year:
Quote:
v1.4.2-1 | Apr 8th 2013:
[New] detection and alerting of openssl heartbleed vulnerability
Going to give the original version another try on Debian Wheezy now :-)

###edit###
Just realized the last change was 2013 so not sure why anyone claims things have changed?Can anyone clarify what new version you guys are talking about?

Last edited by Ovidiu; 23rd November 2014 at 13:05.
Reply With Quote
  #47  
Old 23rd November 2014, 17:23
concept21 concept21 is offline
Senior Member
 
Join Date: Dec 2011
Posts: 168
Thanks: 32
Thanked 28 Times in 21 Posts
Smile

Quote:
Originally Posted by Ovidiu View Post
Isn't there anyone willing to "adopt" this Debian-Mod?
I really think maldet is an awesome script but the author is very unresponsive and in its current state there are way too many errors and unanswered questions in this thread...

I'd be willing to donate maybe 1-2 hour's worth of work?

When your installation completes, please contact me for donation account number. I need some $ these days.
Reply With Quote
The Following User Says Thank You to concept21 For This Useful Post:
adizzycswftay782 (28th November 2014)
  #48  
Old 24th November 2014, 10:35
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,269
Thanks: 84
Thanked 25 Times in 21 Posts
Default

@concept21: I think maldet had its own inotify for some time, when this thread started: 30th August 2012, 10:19 one of the changes that this script introduces is to delete the built-in inotify and set the path to the system inotify:


Quote:
Edit
vi /usr/local/maldetect/internals.conf

Find inotify= and change the value to /usr/bin/inotifywait

Next delete inotifywait and libinotifytools.so.0

rm -rf /usr/local/maldetect/inotify/inotifywait
rm -rf /usr/local/maldetect/inotify/libinotifytools.so.0
And what about the other changes for Debian and ISPCFG3 fixes, i.e.

Quote:
Next comment out
/usr/local/maldetect/maldet -b -r /home?/?/public_html 2 >> /dev/null 2>&1

Add this beneath instead.
# Instead use ISPConfig 3 path var/www
/usr/local/maldetect/maldet -b -r /var/www

Comment out these lines as well, as they are not needed.
if [ -d "/var/www/html" ]; then
/usr/local/maldetect/maldet -b -r /var/www/html 2
fi
if [ -d "/usr/local/apache/htdocs" ]; then
/usr/local/maldetect/maldet -b -r /usr/local/apache/htdocs 2
fi

Save and quit.
Quote:
2. Configuring your system.

First we need to modify the main script to work with Debian.
Reply With Quote
  #49  
Old 24th November 2014, 12:20
concept21 concept21 is offline
Senior Member
 
Join Date: Dec 2011
Posts: 168
Thanks: 32
Thanked 28 Times in 21 Posts
Cool

If you modify the daily cron maldet script, it will be overwritten everytime Maldet is updated or upgraded.

Instead, you can create a link from /usr/local/apache/htdocs/ to var/www or to any web you like. My maldet daily cron log mentioned above shows it works.
Attached Images
 
Reply With Quote
  #50  
Old 24th November 2014, 17:14
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 432
Thanks: 31
Thanked 0 Times in 0 Posts
 
Default

@concept21: do you know what I did wrong? I followed all of the instructions in the initial post. Now I get the following:

Code:
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet

install.sh: line 72: .: .ca.def: file not found
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Compile php for ispconfig with zlib on Debian Lenny (Debian 5.0) [ISPConfig 2 mike_phi Installation/Configuration 0 23rd August 2010 16:52
ISPConfig 3.0.0.4 Beta Released till General 54 4th March 2009 10:55
Perfect setup Debian Etch ISPConfig - DNS Server kdclaver Installation/Configuration 16 28th December 2007 02:39
Postfix Problems Rocky Installation/Configuration 22 14th September 2006 10:03
e-mail problem!!! Debian 3.1 maroonworks Installation/Configuration 18 6th December 2005 15:42


All times are GMT +2. The time now is 19:54.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.