Home Operation and Maintenance Linux Operation and Maintenance How to install a Linux malware detection program

How to install a Linux malware detection program

Mar 23, 2019 pm 03:47 PM
linux

Malware is known as malware, it can be any script, application or anything harmful to our system and data.

How to install a Linux malware detection program

Linux Malware detect (LMD) is a malware scanner for Linux, released under the GNU GPLV2 license and designed to address threats faced in hosted environments . It uses threat data from network edge intrusion detection systems to extract malware actively used in attacks and generate signatures for detection.

Threats in shared hosting environments are unique from standard AV product detection suites in that they focus on detecting operating system-level Trojans, rootkits, and traditional virus-infected files, but ignore ongoing threats at the user account level. Increased variety of malware as an attack platform.

Step 1: Download and install LMD

First log in to the server using an ssh client (e.g. putty), then use the following command to download the latest lmd source code.

#cd / opt 
#wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
Copy after login

Now extract the downloaded archive in the current directory

Now extract the downloaded archive file in the current directory

#tar xfz maldetect-current.tar.gz
Copy after login

After decompressing the archive file, execute the install provided in the source .sh script that will install LMD in your system.

#cd maldetect-1.4.2 
#sh install.sh
Copy after login

Step 2: Configure LMD

LMD creates a configuration file /usr/local/maldetect/conf.maldet, where we can define the work and requirements of LMD Action taken.

#vim /usr/local/maldetect/conf.maldet
Copy after login
# [ EMAIL ALERTS ]
##
# The default email alert toggle
# [0 = disabled, 1 = enabled]
email_alert=1

# The subject line for email alerts
email_subj="MLD Scan Report from $(hostname)"

# The destination addresses for email alerts
# [ values are comma (,) spaced ]
email_addr="webmaster@mydomain.com"

# Ignore e-mail alerts for reports in which all hits have been cleaned.
# This is ideal on very busy servers where cleaned hits can drown out
# other more actionable reports.
email_ignore_clean=0

##
# [ QUARANTINE OPTIONS ]
##
# The default quarantine action for malware hits
# [0 = alert only, 1 = move to quarantine & alert]
quar_hits=1

# Try to clean string based malware injections
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = clean]
quar_clean=1

# The default suspend action for users wih hits
# Cpanel suspend or set shell /bin/false on non-Cpanel
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = suspend account]
quar_susp=0

# minimum userid that can be suspended
quar_susp_minuid=500
Copy after login

Step 3: Start scanning manually

At this stage, LMD has been successfully installed and configured on the system. Let us run the first scan manually by executing the following command.

#maldet --scan-all / var / www / html
Copy after login

The above command will scan all files and directories under /var/www/html. Depending on the number of files, it may take a long time to complete. After completing the above command, it will display a command to view the report as shown below

#maldet --report 060214-1946.24560
Copy after login
malware detect scan report for svr1.tecadmin.net:
SCAN ID: 060214-1946.24560
TIME: May  28 19:46:12 +0530
PATH: /var/www/html/
TOTAL FILES: 4441
TOTAL HITS: 0
TOTAL CLEANED: 0

===============================================
Linux Malware Detect v1.4.2 < proj@rfxn.com >
Copy after login

In this example, TOTAL HITS is 0, so LMD will not detect any malware on the system. But if it detects any malware on the system, the malware can be quarantined using one of the following commands

# maldet --quarantine SCANID
OR
# maldet --clean SCANID
Copy after login

The SCANID can be found in the report generated above.

Step 4: Set up periodic scans

During the installation of LMD, it has created crontab files that are executed daily.

#vi /etc/cron.daily/maldet
Copy after login

However, if your system has a large number of files and directories, you can change the scan to weekly instead of daily.

This article has ended here. For more other exciting content, you can pay attention to the Linux Video Tutorial column on the PHP Chinese website!

The above is the detailed content of How to install a Linux malware detection program. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
1 months ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

deepseek web version entrance deepseek official website entrance deepseek web version entrance deepseek official website entrance Feb 19, 2025 pm 04:54 PM

DeepSeek is a powerful intelligent search and analysis tool that provides two access methods: web version and official website. The web version is convenient and efficient, and can be used without installation; the official website provides comprehensive product information, download resources and support services. Whether individuals or corporate users, they can easily obtain and analyze massive data through DeepSeek to improve work efficiency, assist decision-making and promote innovation.

How to install deepseek How to install deepseek Feb 19, 2025 pm 05:48 PM

There are many ways to install DeepSeek, including: compile from source (for experienced developers) using precompiled packages (for Windows users) using Docker containers (for most convenient, no need to worry about compatibility) No matter which method you choose, Please read the official documents carefully and prepare them fully to avoid unnecessary trouble.

BITGet official website installation (2025 beginner's guide) BITGet official website installation (2025 beginner's guide) Feb 21, 2025 pm 08:42 PM

BITGet is a cryptocurrency exchange that provides a variety of trading services including spot trading, contract trading and derivatives. Founded in 2018, the exchange is headquartered in Singapore and is committed to providing users with a safe and reliable trading platform. BITGet offers a variety of trading pairs, including BTC/USDT, ETH/USDT and XRP/USDT. Additionally, the exchange has a reputation for security and liquidity and offers a variety of features such as premium order types, leveraged trading and 24/7 customer support.

Ouyi okx installation package is directly included Ouyi okx installation package is directly included Feb 21, 2025 pm 08:00 PM

Ouyi OKX, the world's leading digital asset exchange, has now launched an official installation package to provide a safe and convenient trading experience. The OKX installation package of Ouyi does not need to be accessed through a browser. It can directly install independent applications on the device, creating a stable and efficient trading platform for users. The installation process is simple and easy to understand. Users only need to download the latest version of the installation package and follow the prompts to complete the installation step by step.

Get the gate.io installation package for free Get the gate.io installation package for free Feb 21, 2025 pm 08:21 PM

Gate.io is a popular cryptocurrency exchange that users can use by downloading its installation package and installing it on their devices. The steps to obtain the installation package are as follows: Visit the official website of Gate.io, click "Download", select the corresponding operating system (Windows, Mac or Linux), and download the installation package to your computer. It is recommended to temporarily disable antivirus software or firewall during installation to ensure smooth installation. After completion, the user needs to create a Gate.io account to start using it.

Ouyi Exchange Download Official Portal Ouyi Exchange Download Official Portal Feb 21, 2025 pm 07:51 PM

Ouyi, also known as OKX, is a world-leading cryptocurrency trading platform. The article provides a download portal for Ouyi's official installation package, which facilitates users to install Ouyi client on different devices. This installation package supports Windows, Mac, Android and iOS systems. Users can choose the corresponding version to download according to their device type. After the installation is completed, users can register or log in to the Ouyi account, start trading cryptocurrencies and enjoy other services provided by the platform.

gate.io official website registration installation package link gate.io official website registration installation package link Feb 21, 2025 pm 08:15 PM

Gate.io is a highly acclaimed cryptocurrency trading platform known for its extensive token selection, low transaction fees and a user-friendly interface. With its advanced security features and excellent customer service, Gate.io provides traders with a reliable and convenient cryptocurrency trading environment. If you want to join Gate.io, please click the link provided to download the official registration installation package to start your cryptocurrency trading journey.

How to Install phpMyAdmin with Nginx on Ubuntu? How to Install phpMyAdmin with Nginx on Ubuntu? Feb 07, 2025 am 11:12 AM

This tutorial guides you through installing and configuring Nginx and phpMyAdmin on an Ubuntu system, potentially alongside an existing Apache server. We'll cover setting up Nginx, resolving potential port conflicts with Apache, installing MariaDB (

See all articles