CXS

CXS

Actively scans all modified files within user accounts using the cxs Watch daemon regardless of how they were uploaded
PHP upload scripts (via a ModSecurity hook)
Perl upload scripts (via a ModSecurity hook)
CGI upload scripts (via a ModSecurity hook)
Over 4000 known current exploit script fingerprint matches (in addition to standard ClamAV detection)
Known viruses via ClamAV
Regular expression pattern matching to help identify known/unknown exploits
Filename matching
Suspicious file names
Suspicious file types
Binary executables
Some illegal web software installations
Custom user specified regular expression patterns