Find and remove malware on a Linux server

Completed Posted Dec 8, 2014 Paid on delivery

The IP address of my dedicated Linux server keeps getting blacklisted by the CBL.

I have tried searching the log files but I can't see how/if the server is actually infected with malware.

The CBL gives the following reason for the blacklisting:

"This IP is sending email in such a way to indicate that it is, or is NATting for a web server that is infected with a spam sending script, like Darkmailer, DirectMailer, r57shell, or some analogous Perl, PHP or CGI script."

I am looking for a Linux expert who is experienced at looking at log files and port activity to find the source of the infection and remove it.

My server doesn't have a GUI e.g. Plesk and so is accessed by SSH command line only.

The server runs Magento and two installations of WordPress. Hence the ideal person would be familiar with these two pieces of software, to ensure that any investigation work undertaken doesn't disrupt the actual server working.

In terms of action already taken, I was mostly worried about WordPress vulnerabilities. Hence I have installed the premium version of WordFence to protect the WordPress installations. I have also deleted all blog comments and prevented future blog comments in case this was allowing some kind of malicious injection.

I have set up an SPF record to identify the IP address as being able to send emails on behalf of my domain name. I have also set up the server hostname and reverse DNS. However, I realise this doesn't address the malware issue.

I have tried to look at the server logs but I can't see much activity on Port 25. However, I am aware that some malware can bypass the logs so this doesn't catch everything. I also ran [login to view URL] but this flagged up logs of jpg files which in fact were not corrupted at all, and so it doesn't really help find the cause of the issue.

If you are interested please give an idea of your experience in fixing this kind of issue, as really I would like to pay the price for an expert rather than an enthusiastic learner.

Email Handling Linux Magento PHP WordPress

Project ID: #6837968

About the project

18 proposals Remote project Active Dec 8, 2014

Awarded to:

danieljeshkov

Hello, give me 30 minutes and shell, and I will tell you exactly what's going on. I'll also clean up vulnerabilities and will do my best to analyze where it comes from and how to defend.

£50 GBP in 0 days
(9 Reviews)
3.7

18 freelancers are bidding on average £149 for this job

raju51279

Hello sir, we can do it and we will submit the site in Google and remove the blacklist issue from all search engines. Thanks, Raj

£94 GBP in 3 days
(648 Reviews)
8.1

p4provider

Hello, here are Magento experts: 1. Easy access on IMs like Gtalk, Skype, Yahoo and MSN 2. Excellent communication skills 3. Immediate response to concerns and queries 4. Payments linked to delivery miles…

£150 GBP in 3 days
(157 Reviews)
7.8

letshappy

Hello, I am a Red Hat certified engineer and I have more than 4 years' experience in this field. I can easily do this task. Ready to start now. Thanks

£142 GBP in 1 day
(156 Reviews)
7.1

Armref

A proposal has not yet been provided

£105 GBP in 1 day
(67 Reviews)
6.7

metaexcel

Hello Sir, I will go through your whole server manually. My experience says that if one infected file exists on your server then it will infect your whole server. So I need to check each file and folder manually. I wil…

£89 GBP in 3 days
(248 Reviews)
6.6

tuxadmin

Hi, my name is Jerome. I have been working for the past 16 years as an information security expert. I am ranked #1 in Web Security here on Freelancer. My bid for your project includes: 1) removing any harmful…

£225 GBP in 3 days
(133 Reviews)
6.6

suy99

A proposal has not yet been provided

£277 GBP in 3 days
(57 Reviews)
5.4

webrevolution

Hello, I have huge experience in Linux server. Also about LAMP architecture, I have at least 10 years' experience in LAMP. I can help you transfer hosting, help you back up your data reliably or restore your…

£222 GBP in 3 days
(19 Reviews)
5.1

darklca

Hello, I'm a Unix/Linux eng with exp over 15y, I'll be glad to help u with your malware. I'm only writing so u will have backup options in case those india guys will not handle it properly :) So in case other guys fai…

£111 GBP in 0 days
(17 Reviews)
4.0

adamzaleski

Hello, I'm willing to help you with malware removal on your Linux server. I'm an experienced system administrator with more than 10 years of experience in IT. Could you please tell me what Linux distribution you are us…

£61 GBP in 3 days
(18 Reviews)
3.7

JinThunder

A proposal has not yet been provided

£150 GBP in 3 days
(0 Reviews)
0.0