{"id":178,"date":"2017-02-09T14:44:19","date_gmt":"2017-02-09T14:44:19","guid":{"rendered":"http:\/\/kloxo.id\/?p=178"},"modified":"2017-02-09T14:44:19","modified_gmt":"2017-02-09T14:44:19","slug":"mengatasi-unix-trojan-ddos_xor-1-pada-server-linux","status":"publish","type":"post","link":"https:\/\/kloxo.web.id\/?p=178","title":{"rendered":"Mengatasi Unix.Trojan.DDoS_XOR-1 pada Server Linux"},"content":{"rendered":"

Dikontak via WA oleh seorang kawan, dengan keluhan udah 2 hari ini traffic full pada salah satu interface router nya :<\/p>\n

\"IMG-20170209-WA0006\"<\/a><\/p>\n

saya minta scan dengan clamav pada server production nya :<\/p>\n

\"IMG-20170209-WA0012\"<\/a><\/p>\n

\/lib\/libudev.so: Unix.Trojan.DDoS_XOR-1 FOUND<\/p>\n

dan ketika dilakukan ‘top’ muncul aplikasi bernama aneh yang menggunakan resource system cukup besar :<\/p>\n

\"IMG-20170209-WA0023\"<\/a><\/p>\n

 <\/p>\n

cara mengatasi trojan ini saya copas dari :<\/p>\n

(https:\/\/admin-ahead.com\/forum\/server-security-hardening\/unix-trojan-ddos_xor-1-chinese-chicken-multiplatform-dos-botnets-trojan\/)<\/p>\n

(http:\/\/superuser.com\/questions\/863997\/ddos-virus-infection-as-a-unix-service-on-a-debian-8-vm-webserver)<\/p>\n

kalo mencobanya command nya hati2 ya.. DWYOR<\/p>\n","protected":false},"excerpt":{"rendered":"

Dikontak via WA oleh seorang kawan, dengan keluhan udah 2 hari ini traffic full pada salah satu interface router nya : saya minta scan dengan clamav pada server production nya : \/lib\/libudev.so: Unix.Trojan.DDoS_XOR-1 FOUND dan ketika dilakukan ‘top’ muncul aplikasi bernama aneh yang menggunakan resource system cukup besar :   cara mengatasi trojan ini saya […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-178","post","type-post","status-publish","format-standard","hentry","category-linux-server"],"_links":{"self":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts\/178","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=178"}],"version-history":[{"count":1,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts\/178\/revisions"}],"predecessor-version":[{"id":182,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts\/178\/revisions\/182"}],"wp:attachment":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=178"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=178"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}