In this article, we will have explained the necessary steps to install and configure Install Linux Malware Detect on CentOS 8. Before continuing with this tutorial, make sure you are logged in as a user with sudo privileges. All the commands in this tutorial should be run as a non-root user.
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in a shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
Install Linux Malware Detect on CentOS
Step 1. The first command will update the package lists to ensure you get the latest version and dependencies.
1 | sudodnfupdate |
Step 2. Install Linux Malware Detect.
Go to the official Linux Malware Detect page and download the software to your server:
1 2 | cd/opt http://www.rfxn.com/downloads/maldetect-current.tar.gz |
Next, extract downloaded archove and install LMD tool:
1 2 3 | tarxvfmaldetect-current.tar.gz cdmaldetect-* shinstall.sh |
Once the installation process is complete, you should have the output below:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | LinuxMalwareDetectv1.6 (C)2002-2017,R-fxNetworks<proj@r-fx.org> (C)2017,RyanMacDonald<ryan@r-fx.org> ThisprogrammaybefreelyredistributedunderthetermsoftheGNUGPL installationcompletedto/usr/local/maldetect configfile:/usr/local/maldetect/conf.maldet execfile:/usr/local/maldetect/maldet execlink:/usr/local/sbin/maldet execlink:/usr/local/sbin/lmd cron.daily:/etc/cron.daily/maldet maldet(1346):{sigup}performingsignatureupdatecheck... maldet(1346):{sigup}localsignaturesetisversion2020010720059 maldet(1346):{sigup}newsignatureset(2020010720059)available maldet(1346):{sigup}downloadinghttps://cdn.rfxn.com/downloads/maldet-sigpack.tgz maldet(1346):{sigup}downloadinghttps://cdn.rfxn.com/downloads/maldet-cleanv2.tgz maldet(1346):{sigup}verifiedmd5sumofmaldet-sigpack.tgz maldet(1346):{sigup}unpackedandinstalledmaldet-sigpack.tgz maldet(1346):{sigup}verifiedmd5sumofmaldet-clean.tgz maldet(1346):{sigup}unpackedandinstalledmaldet-clean.tgz maldet(1346):{sigup}signaturesetupdatecompleted maldet(1346):{sigup}15216signatures(12486MD5|1961HEX|766YARA|0USER) |
Step 3. Configure Linux Malware Detect.
Linux Malware Detect configuration file is /usr/local/maldetect/conf.maldet and it can be modified as per the requirements below:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | # Enable Email Alerting email_alert="1" # Email Address in which you want to receive scan reports # Use with ClamAV scan_clamscan="1" # Enable scanning for root owned files. Set 1 to disable. scan_ignore_root="0" # Move threats to quarantine quarantine_hits="1" # Clean string based malware injections quarantine_clean="1" # Suspend user if malware found. quarantine_suspend_user="1" # Minimum userid value that be suspended quarantine_suspend_user_minuid="500" |
After succefully installed and configured Linux Malware Detect tool (LMD) on your system, lets run your first scann using following command:
1 | maldet--scann-all/var/www/http |
Congratulation, you have learned how to install and configure Linux Malware Detect on CentOS 8. If you have any question, please leave a comment below.
