How To Detect Malware On Linux ?
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
LMD uses MD5 file hashes and HEX pattern matches as signatures. These signatures are built from malware data that was delivered by IPSes, community data, ClamAV and user submissions.
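To make the signature model concrete, here is an added example (not LMD's own code) of the two matching modes described above: a whole-file MD5 hash and a HEX byte pattern searched anywhere in the file. The signature set, directory layout and file contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

# Constructed signature set (illustrative; LMD ships its own database).
# An MD5 signature matches a whole file by hash; a HEX signature matches a
# byte pattern anywhere in the file, so it also catches lightly modified copies.
KNOWN_BAD_FILE = b"<?php /* constructed sample, not real malware */ ?>\n"
MD5_SIGS = {hashlib.md5(KNOWN_BAD_FILE).hexdigest(): "{EXAMPLE}known.file.md5"}
HEX_SIGS = {"{EXAMPLE}marker.hex": bytes.fromhex("4558414d504c452d4d41524b4552")}  # "EXAMPLE-MARKER"

def scan_file(path):
    """Return the signature names that hit for one file (empty list = clean)."""
    with open(path, "rb") as fh:
        data = fh.read()
    hits = []
    name = MD5_SIGS.get(hashlib.md5(data).hexdigest())
    if name:
        hits.append(name)
    for sig, pattern in HEX_SIGS.items():
        if pattern in data:
            hits.append(sig)
    return hits

def scan_tree(root):
    """Walk a directory like `maldet -a DIR` and return {relative path: [hits]} for flagged files."""
    report = {}
    for dirpath, _, filenames in os.walk(root):
        for fname in filenames:
            path = os.path.join(dirpath, fname)
            hits = scan_file(path)
            if hits:
                report[os.path.relpath(path, root)] = hits
    return report

def demo():
    """Build a constructed web root with one clean and two flagged files, then scan it."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "uploads"))
    samples = {
        "index.php": b"<?php echo 'hello'; ?>\n",        # clean
        "old.php": KNOWN_BAD_FILE,                       # exact MD5 hit
        "uploads/x.txt": b"junk EXAMPLE-MARKER junk\n",  # HEX substring hit, hash differs
    }
    for rel, content in samples.items():
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(content)
    return scan_tree(root)

if __name__ == "__main__":
    for path, hits in sorted(demo().items()):
        print(f"{path}: {', '.join(hits)}")
```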
Today I am going to show you how to install and configure LMD to scan for malware on your Linux system. I am using Kali Linux for this demonstration, but you can use the same commands on CentOS, RHEL and other Linux distributions.
Let's start by downloading the latest version and installing LMD:
Open the Terminal and enter the following command to download LMD:
root@kali:~# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
Now extract it with the following command:
root@kali:~# tar -xzvf maldetect-current.tar.gz
Now enter the following commands to install it:
root@kali:~# cd maldetect-1.4.2
root@kali:~/maldetect-1.4.2# ./install.sh
After installation, a daily cron job is added in /etc/cron.daily/maldet, which checks for the latest version of LMD and the malware definition/signature files, and updates them automatically. If inotify-based real-time monitoring is enabled, the daily cron job also scans recently updated/created files for malware.
To initiate malware scanning manually, run maldet with a target folder to scan.
root@kali:~# maldet --scan-all /home
After scanning, you can examine the malware scan report by running the following command with the scan report ID:
root@kali:~# maldet --report 070913.1146.1903
Scan a specific folder:
root@kali:~# maldet -a /var/www/vhosts/rumyittips.com/httpdocs/
If you want to actively monitor specific directories for malware infection, you can run maldet as a daemon as follows.
root@kali:~# maldet -m /var,/home/rumy
Email notifications: If you want maldet to alert you by email when malware is detected, modify the maldet configuration as follows.
$ vi /usr/local/maldetect/conf.maldet
email_alert=1
email_subj="Malware detected by maldet"
email_addr="you@example.com"
I hope you like my post, How To Detect Malware On Linux. Please share it with others.