Install and configure Linux Malware Detect on a CentOS

lmdLinux Malware Detect or just Maldet is free and open source malware scanner for Linux machines. It scans the machine for known malwares and quarantine suspicious files or simply alert you for their presence. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources.

In this tutorial we will show you how to install Linux Malware detect on your CentOS VPS.

Log in to your server as user root and update the packages:

# yum update -y

Now, go to Linux Malware Detect’s official website and download it to your server

# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Unpack the downloaded Linux Malware detect archive

# tar xfz maldetect-current.tar.gz

Change the current working directory

# cd maldetect-*

And run the installation script

# ./install.sh

You should get the following output

Linux Malware Detect v1.4.2
(C) 2002-2013, R-fx Networks <proj@r-fx.org>
(C) 2013, Ryan MacDonald <ryan@r-fx.org>
inotifywait (C) 2007, Rohan McGovern <rohan@mcgovern.id.au>
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet

maldet(776): {sigup} performing signature update check…
maldet(776): {sigup} local signature set is version 201205035915
maldet(776): {sigup} new signature set (2014082316728) available
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/md5.dat
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/hex.dat
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/rfxn.ndb
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/rfxn.hdb
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/maldet-clean.tgz
maldet(776): {sigup} signature set update completed
maldet(776): {sigup} 11788 signatures (9895 MD5 / 1893 HEX)

Open Maldet’s configuration file

# nano /usr/local/maldetect/conf.maldet

And change the following settings:
email_alert=1 – Enable email alerts
email_addr=”user@yourdomain.tld” – Enter the destination address for email alerts
quar_hits=1 – Move the detected malware to quarantine and send an alert
quar_clean=1 – Try to clean sthe detected malware injections

There are more options that you can configure according to your needs.

After the installation a daily cronjob which checks for the latest version of Maldet and malware definition/signature files is automatically created.

That’s all. Linux Malware Detect is installed and configured on your server.

To scan a directory uou can use

# malder -a /path/to/directory

To update Maldet use the below command

# maldet -u

You can find the details on all options by executing

# malder – h

or read the README file.

Install and configure Linux Malware Detect on a CentOS
Written by: AFRIDA YANTI
Reting: 4.9


Cheap Best Hosting is a leading provider of web hosting, shared hosting, resellers hosting, virtual private servers, vps hosting, dedicated servers and domain name registration.


Follow me on Google+ | Twitter | Facebook | Linkedin | YouTube

Share This Post

Recent Articles

Leave a Reply

© 2017 Cheap Best Hosting Blog. All rights reserved. · Entries RSS · Comments RSS
Hosting By Cheap Best Hosting