What is Linux Malware Detect (LMD)?
Before discussing LMD, we should know what malware is. Malware means "malicious software": software used to disrupt computer functionality, gain unauthorized access to data or systems, and gather confidential data from a remote system. It can appear in the form of code, scripts, active content and other software.
LMD is a malware scanner and detector for Linux operating systems, released under the GNU GPLv2 license. It is designed to address the threats faced in shared hosting environments. Using this tool we can check for malware present on our server and remove it. You can read more about LMD at http://www.rfxn.com/appdocs/README.maldetect.
How to install LMD on RHEL/CentOS/Debian/Ubuntu:
Step 1: Download the LMD (Linux Malware Detect) package.
[root@demo ~]# cd /tmp
[root@demo ~]# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
Step 2: Extract it on the server and run the install.sh script to install it.
[root@demo ~]# tar -zxvf maldetect-current.tar.gz
[root@demo ~]# cd maldetect-*
[root@demo ~]# ./install.sh
Step 3: Basic configuration of LMD
The main configuration files are under /usr/local/maldetect/:
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
[root@demo ~]# vim /usr/local/maldetect/conf.maldet
#Line 17: change 0 to 1 (enables email alerts)
#Line 20: change the email notification subject as required, for example:
email_subj="LMD Notification mail Server Demo.XXX.XXX"
#Line 24: replace the address with your admin email ID
#Line 36: change 0 to 1 (0 = alert only, 1 = move detected malware into quarantine)
#Line 41: change 0 to 1 (cleans string-based malware injections)
After making the above changes, save the file. Line numbers refer to the conf.maldet shipped with the version downloaded above and may differ in other releases; check the option names on those lines before editing.
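The following script is an added example, not part of the LMD project or the original post. It applies the five settings from Step 3 by option name rather than by line number, so it does not break when the file layout changes between releases. The option names used (email_alert, email_subj, email_addr, quar_hits, quar_clean) are the ones LMD's conf.maldet uses for these settings; confirm them against the file installed on your server. The script runs on a constructed sample configuration in a temporary file, so nothing under /usr/local is modified unless you point it at the real file.

```shell
#!/bin/sh
# Added example: set conf.maldet options by key and verify them.
# Option names are assumed from LMD's conf.maldet; check them on your install.

# Print the value of KEY ($2) from FILE ($1): everything after the first '='.
get_conf_key() {
    awk -v k="$2" 'BEGIN { FS = "=" } $1 == k { sub(/^[^=]*=/, ""); print; exit }' "$1"
}

# Set KEY=VALUE in FILE, replacing an existing assignment or appending one.
# Commented-out lines ("# key=...") are not matched because their first field is "# key".
set_conf_key() {
    file=$1; key=$2; value=$3
    if grep -q "^${key}=" "$file"; then
        awk -v k="$key" -v v="$value" 'BEGIN { FS = "=" } $1 == k { print k "=" v; next } { print }' \
            "$file" > "$file.tmp" && mv "$file.tmp" "$file"
    else
        printf '%s=%s\n' "$key" "$value" >> "$file"
    fi
}

# Apply the tutorial's changes: alerts on, custom subject, admin address,
# quarantine hits instead of alert-only, clean string-based injections.
configure_maldet() {
    conf=$1; admin=$2; subject=$3
    set_conf_key "$conf" email_alert 1
    set_conf_key "$conf" email_subj "\"$subject\""
    set_conf_key "$conf" email_addr "\"$admin\""
    set_conf_key "$conf" quar_hits 1
    set_conf_key "$conf" quar_clean 1
}

# Return 0 only if every setting the tutorial asks for is in place.
verify_maldet_conf() {
    conf=$1
    [ "$(get_conf_key "$conf" email_alert)" = "1" ] &&
    [ "$(get_conf_key "$conf" quar_hits)" = "1" ] &&
    [ "$(get_conf_key "$conf" quar_clean)" = "1" ] &&
    [ -n "$(get_conf_key "$conf" email_addr)" ]
}

# Constructed sample resembling the shipped defaults (not the real file,
# which lives at /usr/local/maldetect/conf.maldet).
write_sample_conf() {
    cat > "$1" <<'EOF'
# Linux Malware Detect sample configuration (constructed for this example)
email_alert=0
email_subj="maldet alert from $(hostname)"
email_addr="you@domain.com"
quar_hits=0
quar_clean=0
EOF
}

# Stand-alone demo on a temporary copy; pass the real path to apply it for real.
demo=$(mktemp)
write_sample_conf "$demo"
configure_maldet "$demo" "admin@example.com" "LMD alert from demo.example.com"
verify_maldet_conf "$demo" && echo "conf.maldet settings applied"
rm -f "$demo"
```

To apply the changes to a live install, replace the temporary file with /usr/local/maldetect/conf.maldet (keep a backup copy first) and then run the scan in Step 4; verify_maldet_conf is a cheap check to put in a provisioning script so that a server is never left in alert-only mode by mistake.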
Step 4: Scan suspicious data.
[root@demo ~]# maldet --scan-all /var/www/xyz-dir
This process will take time depending on the amount of data under /var/www/xyz-dir.