Install & configure Maldetect (Linux Malware Detector)

Downloading

cd /tmp
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Installing

tar xfz maldetect-current.tar.gz
cd maldetect-*
./install.sh

Configuring
Open /usr/local/maldetect/conf.maldet and adjust it to your needs. These are the main options:
email_alert : Set to 1 if you would like to receive email alerts.
email_subj : The subject line for alert emails.
email_addr : The email address that receives malware alerts.
quar_hits : The default quarantine action for malware hits; it should be set to 1.
quar_clean : Cleaning of detected malware injections; must be set to 1.
quar_susp : The default suspend action for users with hits; set it as per your requirements.
quar_susp_minuid : Minimum user ID that can be suspended.
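
An added example (not part of the original guide or the LMD project): shell helpers that set the options listed above in a conf.maldet-style file and audit that alerting and quarantine are switched on. It assumes the file uses shell-style key=value lines with optionally quoted values; the function names get_opt, set_opt and audit_conf are made up for this example.

```shell
#!/bin/sh
# Added example: set and audit the conf.maldet options named in the guide.
# Assumption: shell-style KEY=VALUE lines, value optionally quoted.

# get_opt FILE KEY: print the value of the last active (uncommented) KEY= line.
get_opt() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#]*\)[\"']\{0,1\}.*/\1/p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# set_opt FILE KEY VALUE: rewrite KEY in place (append if absent), keep FILE.bak.
set_opt() {
    cp -p "$1" "$1.bak" || return 1
    tmp=$(mktemp) || return 1
    awk -v k="$2" -v v="$3" '
        $0 ~ ("^[ \t]*" k "=") { print k "=\"" v "\""; seen = 1; next }
        { print }
        END { if (!seen) print k "=\"" v "\"" }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"   # cat keeps owner and mode of FILE
    status=$?
    rm -f "$tmp"
    return $status
}

# audit_conf FILE: warn when alerting or quarantine is off; return 1 on any warning.
audit_conf() {
    rc=0
    for key in email_alert quar_hits quar_clean; do
        val=$(get_opt "$1" "$key")
        if [ "$val" != "1" ]; then
            echo "WARN: $key=${val:-<unset>}, the guide sets it to 1"
            rc=1
        fi
    done
    if [ -z "$(get_opt "$1" email_addr)" ]; then
        echo "WARN: email_addr is empty, alerts have no recipient"
        rc=1
    fi
    return $rc
}

# Audit the file given as the first argument, e.g. /usr/local/maldetect/conf.maldet
if [ $# -gt 0 ]; then
    audit_conf "$1"
fi
```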

Running a scan (Substitute /home with the directory you want to scan)

maldet --scan-all /home

Daily Scans
By default, the installation places the LMD script at /etc/cron.daily/maldet. It performs daily scans, signature updates, quarantine and so on, and sends a daily malware scan report to the email addresses you specified. If you need additional paths to be scanned, edit this file according to your requirements.

vi /etc/cron.daily/maldet

Manual Update

maldet -u