Mittwoch, 26. Juni 2013

check_nginx_status - nagios-plugin to monitor output from HttpStubStatusModule


check_nginx_status is a Nagios-Plugin
to monitor nginx status and alerts on various values to test for

docs&downloads: https://bitbucket.org/maresystem/dogtown-nagios-plugins

Active Connections / 24hrs

Requests per Second / 24hrs

















Montag, 17. Juni 2013

Ruleset Update / 42000268 Possible SolusVM - Exploit-attempt

[+] new sigs:
  42000268 :: web_server.rules     :: DN WEB_SERVER Possible SolusVM - Exploit-attempt

 
MainRule "str:/centralbackup.php" "msg:DN WEB_SERVER Possible SolusVM - Exploit-attempt" "mz:URL" "s:$ATTACK:8" id:42000268 ; 


fo more information see
http://localhost.re/p/solusvm-11303-vulnerabilities
blog.soluslabs.com/2013/06/16/important-security-alert-new-update/
http://www.lowendbox.com/blog/a-days-recap-solusvm-exploit-released-ramnode-downtime-and-robert-clarke/

Mittwoch, 5. Juni 2013

rules-update: Plesk Apache Zeroday Remote Exploit - possible scan

[+] new sigs:
 
  42000262 :: web_server.rules     :: DN WEB_SERVER possible WP-Scan (wp-admin)
  42000261 :: web_server.rules     :: DN WEB_SERVER possible WP-Scan (wp-login)
  42000263 :: web_server.rules     :: DN WEB_SERVER .htaccess - Access
  42000264 :: web_server.rules     :: DN WEB_SERVER .htpasswd - Access
  42000265 :: web_server.rules     :: DN WEB_SERVER Plesk Apache Zeroday Remote Exploit - possible scan