CentrioHost Blog

Stories and News from IT Industry, Reviews & Tips | Technology Blog


How to install Malware Detect ( maldetect or LMD ) in Debian 8

1. Introduction

Malwares are kind of malicious software which damage the system, in order to avoid such harmful threats the user should aware of the changes that he is made in the server.
Linux Malware Detect(LMD) is a malware scanner for Linux released under the GNU GPLv2 license. It is a effective tool in order to find infected files and there by removing threats.

2. Download LMD archive latest version .

Go to /usr/local/src in which we can download the latest LMD.

# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

3. Extract the downloaded file.

# tar -zxvf maldetect-current.tar.gz

Change present directory location to extracted directory

# cd maldetect-1.5

4. Run Installation Script

Install LMD by running the following script, it is the easiest way to do this installation part.

# ./install.sh

5. Edit configuration file

Open LMD main configuration file using vi editor and edit the following parameters.

#  vi /usr/local/maldetect/conf.maldet

Make sure the below value is enabled

 scan_clamscan="1"

To get mail alerts, make it to 1 else 0

email_alert="1"

The email id , in which you want to get alerts

email_addr="you@domain.com"

Set default quarantine action for malware hits

quarantine_hits="1"

To clean the detected malware

quarantine_clean="1"

The default suspend action for users wih hits

quarantine_suspend_user="0"

The minimum userid value that can be suspended

quarantine_suspend_user_minuid="500"

6. Start scanning the system

Run following command to scan the system with LMD. Use maldet followed by directory which you want to scan.

# maldet -m /usr/local/
Linux Malware Detect v1.5
            (C) 2002-2015, R-fx Networks <proj@rfxn.com>
            (C) 2015, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(29347): {scan} signatures loaded: 10822 (8908 MD5 / 1914 HEX / 0 USER)
maldet(29347): {scan} building file list for /, this might take awhile...
maldet(29347): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(29347): {scan} file list completed in 0s, found 3070 files...
maldet(29347): {scan} scan of / (3070 files) in progress...
maldet(29347): {scan} 3070/3070 files scanned: 0 hits 0 cleaned
maldet(29347): {scan} scan completed on /: files 3070, malware hits 0, cleaned hits 0, time 96s
maldet(29347): {scan} scan report saved, to view run: maldet --report 160111-0858.29347
</ryan@rfxn.com></proj@rfxn.com>

7. To Print the result

Print the number of infected files

# maldet --report 160111-0858.29347

HOST:      amal-debian8
SCAN ID:   160111-0858.29347
STARTED:   Jan 11 2016 08:58:50 +0300
COMPLETED: Jan 11 2016 09:00:26 +0300
ELAPSED:   96s [find: 0s]

PATH:          /
TOTAL FILES:   3070
TOTAL HITS:    0
TOTAL CLEANED: 0

Linux Malware Detect v1.5 < proj@rfxn.com >

8. Update virus Signature and LMD

Execute given commands to update virus signatures and LMD version.

Update virus signatures to latest

# maldet -u

This program may be freely redistributed under the terms of the GNU GPL v2

maldet(8348): {sigup} performing signature update check...
maldet(8348): {sigup} local signature set is version 2015121610247
maldet(8348): {sigup} latest signature set already installed

Update LMD to latest

# maldet -d

Linux Malware Detect v1.5
            (C) 2002-2015, R-fx Networks <proj@rfxn.com>
            (C) 2015, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(8237): {update} checking for available updates...
maldet(8237): {update} hashing install files and checking against server...
maldet(8237): {update} latest version already installed.

</ryan@rfxn.com></proj@rfxn.com>

9. Remove infected files

Use following command to remove infected files
Reference: From previous scan my scan ID was 160111-0858.29347, it must be different for you. You can check this from your scan results.

# maldet -n 

Subscribe Now

10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!

Archive Calendar

SatSunMonTueWedThuFri
 123456
78910111213
14151617181920
21222324252627
28293031 

Over 20000 Satisfied Customers!

  • web hosting reviewer
    Valerie Quinn
    CTO, Acteon Group

    Centriohost staff were fantastic, I had a concern with a domain and they got back to me very quickly and they helped me to resolve the issue! ~ . . . Read more

  • Joomla hosting reviewer
    Collin Bryan
    Photographer, Allister Freeman

    I'm using centrio for my portfolio since 2006. The transition was seamless, the support was immediate, and everything works perfectly. ~ . . . Read more

  • dedicated server reviewer
    Harry Collett
    Actor, A&J Artists

    Very easy to understand & use even though I am not very technologically minded. No complications whatsoever & I wouldn't hesitate to recommend it to all. ~ . . . Read more

  • vps web hosting reviewer
    Porfirio Santos
    Technician, Diageo PLC

    Centrio support team have been amazingly responsive and helpful to any of my queries, thank you so much to the Centriohost have been amazingly responsive and helpful to any of my queries ๐Ÿ‘๐Ÿ‘๐Ÿ‘ ~ . . . Read more

  • wordpress hosting plans reviewer
    Catherine Auer
    Doctor, SmartClinics

    Anytime I've had a problem I can't solve, I've found Centriohost to be diligent and persistent. They simply won't let an issue go until the client is happy. ~ . . . Read more

  • reseller hosting reviewer
    Effectivo Social
    Freelancer, Fiverr

    Recommend their shared hosting for all my SME web design clients. Their cloud or VME offerings are too great to deal with. Pricing is perfect and suitable for all users (อ โ‰– อœส–อ โ‰–) ๐Ÿ‘Œ ~ . . . Read more

Top