Table of Contents
Linux Malware Detect (Maldet) :
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
Follow the steps below to install maldet on your server.
A) Install maldet on your server
1) SSH to your server
2) Download the tar file and install it.
cd /usr/local/src/ && wget http://www.rfxn.com/downloads/maldetect-current.tar.gz && tar -xzvf maldetect-current.tar.gz && cd maldetect-* && sh install.sh
This will automatically install a cronjob inside /etc/cron.daily/maldet so a daily scan will be run for local cPanel or Plesk accounts.
B) Update to the latest version and virus signatures:
maldet -d && maldet -u
C) Run the first scan manually
Launch a background scan for all user’s public_html and public_ftp in all home directories, run the following command:
maldet -b –scan-all /home?/?/public_?
D) Verify the scan report
1) List all scan reports time and SCANID:
maldet –report list
2) Show a specific report details :
maldet –report SCANID
3) Show all scan details from log file:
grep “{scan}” /usr/local/maldetect/event_log
E) Clean the malicious files
The quarantine is disabled. You will have to launch it manually.
maldet -q SCANID