Scan Linux server with maldetect

Malware Detect (LMD) is a utility that scans Linux systems for malicious files (malware). Distributed under the GNU GPLv2 license.

MalDetect can use data from intrusion detection systems to extract malicious code (malware). It can also use the anti-virus base of other scanners, such as ClamAV.

MalDetect is not available in the software repository, so you need to download and install it manually:

cd /usr/local/src; wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzf maldetect-current.tar.gz; cd maldetect-*
sh ./install.sh; cd../
rm -rf maldetect -*

Update after installation:

maldet-update-ver
maldet-update

Scanning is performed as follows:

maldet -a /home?/?/public_html

or like this:

maldet -a /var/www/

Each scan is assigned a unique ID.

MalDetect does not delete files during a scan. At the end of each scan, you will receive a command with which you can view the scan log.

Something in the style:

maldet -report %report.ID%

In order to remove the detected files, you need to run the following command:

maldet -q %report.ID%

Twitter Facebook LinkedIn

Scan Linux server with maldetect

You May Also Enjoy

Using git-crypt to encrypt sensitive data in your git repository

GIT cheatsheet

List items should be accessed using square brackets

Use gitlab to store terraform state file