Finding proof of server being compromised by Black Hole Toolkit exploit

Posted by cosmicsafari on Server Fault See other posts from Server Fault or by cosmicsafari
Published on 2012-12-11T10:04:38Z Indexed on 2012/12/11 11:05 UTC
Read the original article Hit count: 269

Filed under:
|
|

I recently took over maintenance of a company server. (Just Host, C Panel, Linux server), theres a tonne of websites on it which i know nothing about. It had came to my attention that a client had attempted to access one of the websites hosted on this server and was met with a warning from windows defender.

It had blocked access because it said the website had been compromised by the Black Hole Toolkit or something to that effect.

Anyway I went in and updated various plugins and deleted some old suspect websites.

I have since ran the website in question through a few online malware scanners and its comes up clean everytime. However im not convinced.

Do any of you guys know extensive ways i can check that the server isn't still compromised. I have no way to install any malware scanners or anti virus programs on the server as it is horribly locked down by Just Host.

© Server Fault or respective owner

Related posts about linux

Related posts about security