Free Nobody Check Security Tool

The tool, available free of charge, detects malicious processes that may be running on vulnerable servers. If such processes are detected, a report is sent to the server administrator immediately via email. Administrators can then respond to the situation before extensive damage has occurred.

All too often we see IRC bots and other malicious processes masking themselves under legitimate names—like Apache—when their only actual function is to exploit the server and distribute viruses or spam.

Administrators can configure the tool to run at selected times, ensuring regular server functions are not disrupted.

See http://www.webhostgear.com/353.html

Cool, I'll try this sometime.

Great! any feedback would be appreciated

[root@server nobody_check]# ./nobody_check.sh
Nobody Check 1.0.2
Copyright © 2006 Wave Point Media Inc
Made available by www.webhostgear.com
Initializing Scan ...


Done
Clean Processes: 0
DETECTED Malicious Processes: 0

How about Plesk support?

Plesk and DirectAdmin support are currently under development.

Cool, post the link here when its ready.

I love your "Nobody Check Security Tool"!!!! I have been looking for such a script for a long while. I could not believe someone actually wrote this. You are doing God's work!

TWO QUESTIONS:

1) Am I right to say that I will ONLY receive the email when the tool detects a malicious process? Meaning, no email will be sent if everything is clean. Right?

2) How do I simulate a malicious process to test the email function?

Correct me if I am wrong.

The very first important thing to check if your server has malicious activities is to:

1) Check for unusual file in /tmp.
2) Run ps aux | grep nobody to see unusual processes by "nobody".

I love this script as it can perform item 2) every hourly using crontab.

WebHostGear.com Nobody Check 1.03 Released

I'm very excited to announce that 1.03 of Nobody Check is ready for download.
This FREE security tool is now better than ever.

The Nobody Check tool is a new and unique security tool that can detect malicious processes that are running on your Linux server and report them to you in real time or by email. It autoconfigures itself to detect the appropriate Apache user and scan for processes hidden such as IRC perl scripts, shell bots and much more.

This new version includes some exciting new features such as:
- cPanel, Plesk and DirectAdmin Support
- High level logging details
- Auto Kill malicious processes
- New scanning rules supporting more systems
- Auto install script


Project Link:
http://www.webhostgear.com/353.html

Thanks

Steve