Forum Discussion

1 Reply

  • that would be taken care of by the signature sets. these shells execute cat or ls or ... to look into passwd or other things. that is something attack signatures can detect very well.

     

    but to be honest if you think there are web shells on your servers you might want to look into that first and get that solved.