How to install Malware Detect (maldetect or LMD) in Debian 8
- Category : Linux Helpline (Easy Guide)
- Posted on : Feb 11, 2019
- By : Ingavar J.
1. Introduction
Malware is malicious software that damages the system. To avoid such threats, the user should be aware of the changes being made on the server.
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license. It is an effective tool for finding infected files and thereby removing threats.
2. Download the latest version of the LMD archive
Go to /usr/local/src, where we will download the latest LMD archive.
# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
3. Extract the downloaded file.
# tar -zxvf maldetect-current.tar.gz
Change to the extracted directory.
# cd maldetect-1.5
4. Run Installation Script
Install LMD by running the following script. It is the easiest way to do the installation.
# ./install.sh
5. Edit configuration file
Open LMD main configuration file using vi editor and edit the following parameters.
# vi /usr/local/maldetect/conf.maldet
Make sure the value below is enabled
scan_clamscan="1"
To receive email alerts, set this to 1; otherwise set it to 0
email_alert="1"
The email address at which you want to receive alerts
email_addr="you@domain.com"
Set the default quarantine action for malware hits
quarantine_hits="1"
Clean the detected malware
quarantine_clean="1"
The default suspend action for users with hits
quarantine_suspend_user="0"
The minimum user ID value that can be suspended
quarantine_suspend_user_minuid="500"
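The same settings can be applied without an interactive editor, which keeps the change repeatable and leaves a backup to compare against. This is an added example, not part of the original article or of LMD; the helper names are hypothetical, and it assumes conf.maldet holds shell-style key="value" lines where the last live assignment takes effect.

```shell
#!/bin/sh
# Added example; helper names are hypothetical and not part of LMD.

# Print the effective value of key $2 in file $1 (last assignment wins,
# as in a sourced shell file). Exit status 1 if the key is not set.
conf_get() {
    awk -v key="$2" '
        $0 ~ ("^[ \t]*" key "=") {
            v = substr($0, index($0, "=") + 1)
            sub(/[ \t]+#.*$/, "", v); gsub(/"/, "", v); sub(/[ \t]+$/, "", v)
            val = v; found = 1
        }
        END { if (!found) exit 1; print val }' "$1"
}

# Set key $2 to value $3 in file $1: rewrite the first live assignment,
# drop later duplicates, append the key if it is absent.
conf_set() {
    cs_tmp=$(mktemp) || return 1
    awk -v key="$2" -v val="$3" '
        $0 ~ ("^[ \t]*" key "=") { if (!done) print key "=\"" val "\""; done = 1; next }
        { print }
        END { if (!done) print key "=\"" val "\"" }' "$1" > "$cs_tmp" &&
        cat "$cs_tmp" > "$1"
    cs_rc=$?
    rm -f "$cs_tmp"
    return "$cs_rc"
}

# Back up the file, then apply the values listed in step 5.
lmd_apply_guide_settings() {
    cp -p "$1" "$1.bak" || return 1
    while read -r as_key as_val; do
        conf_set "$1" "$as_key" "$as_val" || return 1
    done <<EOF
scan_clamscan 1
email_alert 1
email_addr you@domain.com
quarantine_hits 1
quarantine_clean 1
quarantine_suspend_user 0
quarantine_suspend_user_minuid 500
EOF
}

# Demo on a constructed file, not the real conf.maldet.
demo=$(mktemp); printf 'email_alert="0"\nquarantine_hits=0  # off\n' > "$demo"
lmd_apply_guide_settings "$demo" && conf_get "$demo" quarantine_hits   # prints 1
rm -f "$demo" "$demo.bak"
```

On a real host the call would be `lmd_apply_guide_settings /usr/local/maldetect/conf.maldet`, with email_addr changed to your own address first.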
6. Start scanning the system
Run the following command to scan the system with LMD. Use maldet -a followed by the directory you want to scan.
# maldet -a /usr/local/
Linux Malware Detect v1.5
(C) 2002-2015, R-fx Networks <proj@rfxn.com>
(C) 2015, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(29347): {scan} signatures loaded: 10822 (8908 MD5 / 1914 HEX / 0 USER)
maldet(29347): {scan} building file list for /, this might take awhile...
maldet(29347): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(29347): {scan} file list completed in 0s, found 3070 files...
maldet(29347): {scan} scan of / (3070 files) in progress...
maldet(29347): {scan} 3070/3070 files scanned: 0 hits 0 cleaned
maldet(29347): {scan} scan completed on /: files 3070, malware hits 0, cleaned hits 0, time 96s
maldet(29347): {scan} scan report saved, to view run: maldet --report 160111-0858.29347
7. Print the result
Print the number of infected files
# maldet --report 160111-0858.29347
HOST: amal-debian8
SCAN ID: 160111-0858.29347
STARTED: Jan 11 2016 08:58:50 +0300
COMPLETED: Jan 11 2016 09:00:26 +0300
ELAPSED: 96s [find: 0s]
PATH: /
TOTAL FILES: 3070
TOTAL HITS: 0
TOTAL CLEANED: 0
Linux Malware Detect v1.5 < proj@rfxn.com >
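When scans run from cron or a monitoring job, the scan ID from step 6 and the counters from step 7 can be read by a script instead of by eye. This is an added example, not part of the original article or of LMD; the function names are hypothetical and the sample text is constructed from the output shown above.

```shell
#!/bin/sh
# Added example; function names are hypothetical and not part of LMD.

# Read `maldet -a` output on stdin, print the scan ID from the
# "scan report saved, to view run: maldet --report <ID>" line.
lmd_scan_id() {
    sed -n 's/.*maldet --report \([0-9][0-9]*-[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | tail -n 1
}

# Read `maldet --report` output on stdin, print the value of field $1.
lmd_report_field() {
    awk -v key="$1" 'index($0, key ":") == 1 {
        v = substr($0, length(key) + 2); sub(/^[ \t]+/, "", v); print v; exit }'
}

# Read a report on stdin. Returns 0 if no hits remain uncleaned,
# 1 if some do, 2 if the counters are missing or not numeric.
lmd_report_status() {
    lmd_report=$(cat)
    lmd_hits=$(printf '%s\n' "$lmd_report" | lmd_report_field "TOTAL HITS")
    lmd_cleaned=$(printf '%s\n' "$lmd_report" | lmd_report_field "TOTAL CLEANED")
    for lmd_v in "$lmd_hits" "$lmd_cleaned"; do
        case "$lmd_v" in
            ''|*[!0-9]*) echo "unparseable report" >&2; return 2 ;;
        esac
    done
    lmd_left=$((lmd_hits - lmd_cleaned))
    echo "hits=$lmd_hits cleaned=$lmd_cleaned uncleaned=$lmd_left"
    [ "$lmd_left" -le 0 ]
}

# Constructed sample: fields from the step 7 report, adjustable counters.
sample_report() {
    cat <<EOF
HOST: amal-debian8
SCAN ID: 160111-0858.29347
STARTED: Jan 11 2016 08:58:50 +0300
PATH: /
TOTAL FILES: 3070
TOTAL HITS: ${1:-0}
TOTAL CLEANED: ${2:-0}
EOF
}

# Constructed sample: the last line of the scan output from step 6.
sample_scan_tail='maldet(29347): {scan} scan report saved, to view run: maldet --report 160111-0858.29347'

printf '%s\n' "$sample_scan_tail" | lmd_scan_id   # prints 160111-0858.29347
sample_report 0 0 | lmd_report_status             # exit status 0
```

A non-zero exit status from `lmd_report_status` is the signal to alert on, since it means either uncleaned hits or a report that could not be read.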
8. Update virus signatures and LMD
Execute the given commands to update the virus signatures and the LMD version.
Update the virus signatures to the latest set
# maldet -u
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(8348): {sigup} performing signature update check...
maldet(8348): {sigup} local signature set is version 2015121610247
maldet(8348): {sigup} latest signature set already installed
Update LMD to the latest version
# maldet -d
Linux Malware Detect v1.5
(C) 2002-2015, R-fx Networks <proj@rfxn.com>
(C) 2015, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(8237): {update} checking for available updates...
maldet(8237): {update} hashing install files and checking against server...
maldet(8237): {update} latest version already installed.
9. Remove infected files
Use the following command with the scan ID to clean the infected files from that scan.
Reference: in the previous scan my scan ID was 160111-0858.29347; yours will be different. You can find it in your scan results.
# maldet -n 160111-0858.29347