SlimFTPd (V3.181)

[Ric]

SlimFTPd (V3.181)

 

I like SlimFTPd accordingly have updated UniCenter to reflect this.

 

The following page:

 

http://center.uniformserver.com/slimftp318..._6_plugins.html

 

Includes a plugin for Uniform Server 3.5-Apollo and 3.3 (either full plugin or how to upgrade)

 

New section for 3.5-Apollo contains a tutorial using SlimFTPd (V3.181)

 

The original 3.3 write-up updated (OK corrected a few errors)

 

All the best

Ric

[BananaAcid]

you might check out http://bananaacid.de.vu/?slimftpd (extract to w: and change pw. done)

 

it is a little more tweaking and integration. no big deal yet. will include an admin-panel config page later. uses AVC and has a better directory structure.

 

if you dont care about version checking (AVC) and want to have it in a basic folder, stick to the one posted here. (is simpler)

[jacob lee]

you might check out http://bananaacid.de.vu/?slimftpd (extract to w: and change pw. done)

 

it is a little more tweaking and integration. no big deal yet. will include an admin-panel config page later. uses AVC and has a better directory structure.

 

if you dont care about version checking (AVC) and want to have it in a basic folder, stick to the one posted here. (is simpler)

 

The zip file has troian virus in it.

[Ric]

Your post scares me and I assume also anyone that reads it.

 

I downloaded SlimFTPd 1.0.0.zip (by BananaAcid) scanned it with both Norton and Clam neither found a problem. What AV are you using?

 

On this page http://center.uniformserver.com/slimftp/slimftp_1_intro.html I stated the following:

 

“When using SlimFTPd for the first time all the information is there but a little confusing. The code has been around since 2002 and grown up with the Internet its success and ease of use is reflected in its notoriety as a Trojan this makes it slightly more difficult to deploy.

 

I must stress the software is not a Trojan it only becomes this when used with malicious intent. In this write up I cover all these points in addition show you what a powerful plug-in it is”

 

Some AV’s report a false Trojan, I was wondering if this is possible in your case.

 

I can not be 100% sure of the above version however the version on Source Forge is clean, would you download this and see if you get the same result.

 

http://sourceforge.net/project/showfiles.php?group_id=53691

 

If it detects a Trojan all it will confirm is that your AV is reporting false positives.

 

All the best

Ric

[BananaAcid]

Any updated and mainstream virus scanner shows it HAS NO virus.

Avira AntiVir,

AVG,

NOD,

Norton,

Symantec.

 

So: Update your virus definition files, and in case you use any HEURISTIC features, dont set them on ULTRA / HIGH or alike. btw, if you dont trust it, replace the programm files in it with the original from http://sf.net/project/showfiles.php?group_id=53691

(any1 willing can do a md5 hash compare. i asure you, that heuristics is a common problem for virus detection.)

 

my voiceflux was also listed on the infacted files list. after i send it to avg, avira - the problem is gone :-) well anyhow.

use it or dont. i just thought id share, since i am working on AVC and try to turn everything into an AVC compatible plugin, as AVC will probably included, if i got the captain right. ;-)

[jacob lee]

Now the server is quickened!

Any updated and mainstream virus scanner shows it HAS NO virus.

Avira AntiVir,

AVG,

NOD,

Norton,

Symantec.

 

So: Update your virus definition files, and in case you use any HEURISTIC features, dont set them on ULTRA / HIGH or alike. btw, if you dont trust it, replace the programm files in it with the original from http://sf.net/project/showfiles.php?group_id=53691

(any1 willing can do a md5 hash compare. i asure you, that heuristics is a common problem for virus detection.)

 

my voiceflux was also listed on the infacted files list. after i send it to avg, avira - the problem is gone :-) well anyhow.

use it or dont. i just thought id share, since i am working on AVC and try to turn everything into an AVC compatible plugin, as AVC will probably included, if i got the captain right. ;-)

 

Sorry to bother you too but still I got the same warnning after I download and unzipped it: Trojan.Genlot.ALM

the file is \usr\local\SlimFTPd\SlimFTPd.exe

 

the antivirus program that I use is a korean program which uses bitDefender version 9 engine which is regarded as one of top class engines.

 

I don't know if this is wrong warning or not but whenever I try to download slimftpd and use it from anywhere except the link I've got no problem.

[Ric]

I still believe this is a false positive, however I do appreciate your concern. The only other alternative is to put a support request into bitDefender and send them the file.

 

They will either confirm there is a virus or point you in the right direction to resolve the problem. If as I believe it is a false positive they will want to update their software.

 

However I am being a little thick because I do not understand what you mean by this:

I don't know if this is wrong warning or not but whenever I try to download slimftpd and use it from anywhere except the link I've got no problem

.

In the previous posts you have three links, allowing you to download three possible variants of SlimFTPd, which one fails.

 

All the best

Ric

[BananaAcid]

as Ric said.

Send them the file and ask them why it will show a virus.

 

or you can check it yourself.

extract the package. ignore any virus warning. do not run any files. scan the folder with all the included files. (still this does not load any files into memory = run any files = execute any possible virus).

 

if you virus scanner finds a firus in any readme, you know there is something wrong. since it contains ONLY text files, except for the original files, this false warning might only exist if you scan the ARCHIVE. if it shows a virus in any php file, you can look into that mentioned file with notepad or any other plain text editor that is not able to execute any macros (like word).

 

since your software is a offspring it might not include all patches and fixes of the orinial one. (as it has probably less support)

[jacob lee]

Now I think it might be a wrong warning. I tested original slimftpd.exe version 3.181 it got the same warning. the other files are not version 3.181. the uc_slimftpd provides version 3.1.6. I'm sorry.

[Ric]

No need to apologise we all would rather see a false positive than a real virus.

 

We do take viruses seriously and never knowingly would introduce one into the community. However we cannot be complacent and let our guard down new viruses are produced daily hence everyone is at risk.

 

Its important to be vigilant never trust any software always scan and take the appropriate action if alarm bells sound.

 

I do not normally cross-reference on the forum but this is one off my first posts:

http://forum.uniformserver.com/index.php?s...=security+alert

Makes an interesting read, looks as if I was paranoid then! Mention viruses or security issues and alarm bells ring.

 

All the best

Ric

[BananaAcid]

Hehe.

Like your link. could have been added here earlier. ;-)