{"id":970,"date":"2014-03-09T15:24:02","date_gmt":"2014-03-09T15:24:02","guid":{"rendered":"http:\/\/scunster.co.uk\/?p=970"},"modified":"2014-03-09T15:26:32","modified_gmt":"2014-03-09T15:26:32","slug":"install-configure-maldetect-linux-malware-detector","status":"publish","type":"post","link":"https:\/\/scunster.co.uk\/?p=970","title":{"rendered":"Install & configure Maldetect (Linux Malware Detector)"},"content":{"rendered":"

Downloading<\/p>\n

cd \/tmp\r\nwget http:\/\/www.rfxn.com\/downloads\/maldetect-current.tar.gz<\/pre>\n
Installing<\/p>\n
# tar xfz maldetect-current.tar.gz\r\ncd maldetect-*\r\n.\/install.sh<\/pre>\n
Configuring
\nOpen the file \/usr\/local\/maldetect\/conf.maldet and make any changes according to your needs. These are the main options:
\n    email_alert : If you would like to receive email alerts, then it should be set to 1.
\n    email_subj : Set your email subject here.
\n    email_addr : Add your email address to receive malware alerts.
\n    quar_hits : The default quarantine action for malware hits, it should be set 1.
\n    quar_clean : Cleaing detected malware injections, must set to 1.
\n    quar_susp : The default suspend action for users wih hits, set it as per your requirements.
\n    quar_susp_minuid : Minimum userid that can be suspended.<\/p>\n
Running a scan (Substitute \/home with the directory you want to scan)<\/p>\n
maldet --scan-all \/home<\/pre>\n
Daily Scans
\nBy default installation keeps LMD script under \/etc\/cron.daily\/maldet and it is used to perform a daily scans, update of signatures, quarantine etc, and sends a daily report of malware scan to your specified emails. If you need to add additional paths to be scanned, then you should edit this file accordingly to your requirements.<\/p>\n
vi \/etc\/cron.daily\/maldet<\/pre>\n
Manual Update<\/p>\n
maldet -u<\/pre>\n","protected":false},"excerpt":{"rendered":"
Downloading cd \/tmp wget http:\/\/www.rfxn.com\/downloads\/maldetect-current.tar.gz Installing # tar xfz maldetect-current.tar.gz cd maldetect-* .\/install.sh Configuring Open the file \/usr\/local\/maldetect\/conf.maldet and make any changes according to your needs. These are the main options: email_alert : If you would like to receive email alerts, then it should be set to 1. email_subj : Set your email subject here. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[164,3,170,171,131,12],"tags":[187,117],"class_list":["post-970","post","type-post","status-publish","format-standard","hentry","category-centos","category-linux","category-security","category-security-linux","category-ubuntu-linux","category-webhosting","tag-lmd","tag-malware"],"_links":{"self":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/970","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=970"}],"version-history":[{"count":5,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/970\/revisions"}],"predecessor-version":[{"id":975,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/970\/revisions\/975"}],"wp:attachment":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=970"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=970"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=970"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}