Tuesday, August 6, 2013

How to install Linux Malware Detect (LMD) in CentOS 6/Redhat/Fedora

3:28 PM

 

1. What is Malware?

Malware is malicious software, script or code that is created and used by hackers to retrieve private data or gain access to private computer systems. Malware includes trojans, viruses, spyware, adware, rootkits and other malicious programs, all of which can be very harmful to any computer user.

2. What is Linux Malware Detect (LMD)?

Linux Malware Detect (LMD) is a free, open source malware scanner and detector for Unix/Linux based operating systems, released under the GNU GPLv2. It is designed around the threats faced by shared hosting environments. For more information and features visit at

 3. Install Linux Malware Detect (LMD) in CentOS 6/Redhat/Fedora

Step 1: Downloading Linux Malware Detect (LMD)

Download the latest LMD package with the following wget command.
# cd /tmp
# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Step 2: Installing LMD

Installing and configuring LMD is fairly easy. Just follow the steps below as the root user.
# tar xfz maldetect-current.tar.gz
# cd maldetect-*
# ./install.sh

Step 3: Configuring LMD

By default all options in the configuration file are documented with comments, so configure it according to your needs. Before making any changes, review each option below.
  1. email_alert : Set to 1 if you would like to receive email alerts.
  2. email_subj : Set your email subject here.
  3. email_addr : Add the email address that should receive malware alerts.
  4. quar_hits : The default quarantine action for malware hits; it should be set to 1.
  5. quar_clean : Clean detected malware injections; must be set to 1.
  6. quar_susp : The default suspend action for users with hits; set it as per your requirements.
  7. quar_susp_minuid : Minimum user ID that can be suspended.
Open the file /usr/local/maldetect/conf.maldet and make changes according to your needs.
# vi /usr/local/maldetect/conf.maldet
 
 
Note: Edit lines 17, 24, 36, 41, 47, 49
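
Line numbers in conf.maldet can shift between LMD releases, so the options from Step 3 can also be changed by name and then checked. The script below is an added example, not part of the original post or of LMD itself; the helper names (make_sample, get_opt, set_opt, audit) are hypothetical, and it runs against a constructed sample file rather than the real configuration.

```shell
#!/bin/sh
# Added example: edit conf.maldet options by name, then audit them.
# Assumption: each option is one key=value or key="value" line.

# Constructed sample standing in for /usr/local/maldetect/conf.maldet.
make_sample() {
    f=$(mktemp) || return 1
    printf '%s\n' '# constructed sample, not a real conf.maldet' \
        'email_alert=0' 'email_addr="you@domain.com"' \
        'quar_hits=0' 'quar_clean="0"' 'quar_susp=0' > "$f"
    echo "$f"
}

# get_opt FILE KEY: print the last value assigned to KEY, quotes removed.
get_opt() {
    sed -nE "s/^[[:space:]]*$2=\"?([^\"#]*)\"?.*/\1/p" "$1" | tail -n 1
}

# set_opt FILE KEY VALUE: rewrite an existing KEY, keeping FILE.bak.
set_opt() {
    file=$1 key=$2 val=$3
    grep -Eq "^[[:space:]]*${key}=" "$file" ||
        { echo "option not found: $key" >&2; return 1; }
    esc=$(printf '%s' "$val" | sed 's/[&|\\]/\\&/g')  # escape sed specials
    cp -p "$file" "$file.bak"
    sed -E "s|^[[:space:]]*${key}=.*|${key}=\"${esc}\"|" "$file.bak" > "$file"
}

# audit FILE: list options that differ from the values described in
# Step 3; the exit status is the number of deviations.
audit() {
    bad=0
    for want in email_alert=1 quar_hits=1 quar_clean=1; do
        key=${want%%=*}
        have=$(get_opt "$1" "$key")
        [ "$have" = "${want#*=}" ] ||
            { echo "$key is '$have', expected '${want#*=}'"; bad=$((bad + 1)); }
    done
    return "$bad"
}

conf=$(make_sample)
audit "$conf" || true                 # three options still at 0
for k in email_alert quar_hits quar_clean; do set_opt "$conf" "$k" 1; done
audit "$conf" && echo "options match Step 3"
rm -f "$conf" "$conf.bak"
```

On a real host, run set_opt and audit as root against /usr/local/maldetect/conf.maldet, and set email_addr to your own address the same way.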

Step 4: Manual Scans and Usage

To scan the users' home directories, run the following command.
# maldet --scan-all /home
If you ran a scan without the quarantine option turned on, don't worry: use one of the following commands to quarantine or clean all malware results from that previous scan.
# maldet --quarantine SCANID
OR
# maldet --clean SCANID

Step 5: Daily Scans

By default the installation places an LMD script at /etc/cron.daily/maldet. It performs the daily scan, updates signatures, quarantines hits and so on, and sends a daily malware scan report to the email addresses you specified. If you need additional paths scanned, edit this file according to your requirements.
# vi /etc/cron.daily/maldet

Good Luck For You 

2 comments:

  1. This is a great effort to collect information. Thanks for this. While surfing the internet I have found articles that give simple steps and commands to install maldet
    http://www.technicaltalk.net/index.php?topic=5090.0
