Installing LMD on RHEL/CentOS 7.0 and Fedora 22-24
LMD is not available from online repositories, but is distributed as a tarball from the project's web site. The tarball containing the source code of the latest version is always available at the link below, and can be downloaded and installed with:
Step 1:- wget https://www.rfxn.com/downloads/maldetect-current.tar.gz
Step 2:- tar -xvf maldetect-current.tar.gz
Step 3:- ls -l | grep maldetect
Step 4:- cd maldetect-*/ && ./install.sh
Configuring Linux Malware Detect
The configuration of LMD is handled through /usr/local/maldetect/conf.maldet and all options are well commented to make configuration a rather easy task. In case you get stuck, you can also refer to /usr/local/src/maldetect-1.4.2/README for further instructions.
In the configuration file you will find the following sections, enclosed inside square brackets:
EMAIL ALERTS
QUARANTINE OPTIONS
SCAN OPTIONS
STATISTICAL ANALYSIS
MONITORING OPTIONS
Important:-
Please note that quar_clean and quar_susp require that quar_hits be enabled (=1).
Summing up, the lines with these variables should look as follows in /usr/local/maldetect/conf.maldet:
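To check the dependency just stated, here is an added shell example (not from the LMD project) that reads a conf.maldet-style file and reports when quar_clean or quar_susp is set to 1 while quar_hits is not; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the LMD project: check the dependency the page states,
# that quar_clean and quar_susp only take effect when quar_hits is enabled (=1).
# The input file follows the conf.maldet KEY=VALUE layout; the sample below is constructed.

# conf_value FILE KEY: print KEY's value with quotes and trailing comments stripped
# (empty if unset); the last assignment wins, as it would when the shell sources the file.
conf_value() {
    awk -F= -v key="$2" '
        $1 == key { v = $2; sub(/[ \t]*#.*/, "", v); gsub(/"/, "", v); val = v }
        END { print val }' "$1"
}

# check_quarantine FILE: return 0 when the quarantine settings are consistent,
# 1 when quar_clean or quar_susp is enabled while quar_hits is not (they would be ignored).
check_quarantine() {
    hits=$(conf_value "$1" quar_hits)
    clean=$(conf_value "$1" quar_clean)
    susp=$(conf_value "$1" quar_susp)
    if [ "$hits" != "1" ] && { [ "$clean" = "1" ] || [ "$susp" = "1" ]; }; then
        echo "$1: quar_clean=${clean:-unset} quar_susp=${susp:-unset} but quar_hits=${hits:-unset}; set quar_hits=1" >&2
        return 1
    fi
    return 0
}

# Constructed sample standing in for /usr/local/maldetect/conf.maldet
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample: cleaning enabled, but hits are never quarantined
quar_hits=0
quar_clean="1"   # quoted value with an inline comment
quar_susp=1
EOF
if check_quarantine "$sample"; then echo "quarantine settings consistent"; fi
rm -f "$sample"
```

Run it against the real conf.maldet instead of the constructed sample to confirm the three quar_ settings before scheduling scans.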
Installing ClamAV on RHEL/CentOS 7.0 and Fedora 22-25
Step 4:- Create the repo file /etc/yum.repos.d/dag.repo:
Step 5:- yum update && yum install clamd
Step 9:- Testing Linux Malware Detect
wget http://www.eicar.org/download/eicar.com
wget http://www.eicar.org/download/eicar.com.txt
wget http://www.eicar.org/download/eicar_com.zip
wget http://www.eicar.org/download/eicarcom2.zip
Step 10:- maldet --scan-all /var/www/
Step 11:- maldet --scan-all /var/www/*.zip
Step 12:- maldet --report xxxxx-xxxx.xxxx --- (view the report)
Step 13:- ls -l /usr/local/maldetect/quarantine/ --- (check the quarantine folder)
Step 14:- rm -rf /usr/local/maldetect/quarantine/* --- (remove all quarantined files)
Step 15:- maldet --clean SCANID