+3 votes
324 views
Maldet - Malware detection in linux

in Linux / Unix by (552k points) | 324 views

1 Answer

+4 votes
Best answer

Malware in Linux
Remove malware in Linux
Maldet, an essential tool to eliminate malware in Linux

Maldet - Malware detection in Linux

Maldet is a software that will help us detect the malware that exists in our Linux equipment. It is very useful at the server level.

Malware in Linux

Computers with a Linux operating system can also have malware, this is not exclusive to Windows operating systems. Until now we were clear that in Windows there was malware and we had a series of tools to eliminate it, such as adwcleaner , antimalware bytes, ... but in Linux we did not have much experience to eliminate it, normally they usually enter by the use of cms, WordPress type and Joomla, either by using an incorrect configuration at the level of permissions or by plugins or extensions used that are vulnerable, not entirely secure or outdated.

Remove malware in Linux

To eliminate malware in Linux, we have several options, manually trying to find possible file-type vulnerabilities that are dedicated to sending spam emails in php files, looking for code patterns in these files, with the grep or find instructions.

With antivirus like clamscan / ClamAV that perform recursive searches in files finding suspicious files.

With search extensions in the main cms such as wordpress (wordfence, ...) or Joomla (centrora security) that perform scans of a whole website and detect if there is any vulnerability, some modified file on the original version, some incorrect file that is on our site and should not be there, ...

Maldet, an essential tool to eliminate malware in Linux

We have Maldet, an antimalware tool that will help us a lot in this task of eliminating compromised software, Maldet is what is called the software executable called Linux Malware Detect (LMD) , and that was initially born for CentOS operating systems, but it works for all Linux distributions: Debian, Ubuntu, ...

If we have ClamAV antivirus software installed, the performance will increase substantially. Both are compatible and Maldet is complemented by the Clamav Scanner Engine, much more powerful than the LMD.

First of all we will proceed to download the latest version from its website: URL Linux Malware Detect. Unzip the file and launch the execution of the installation.

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar xvfz maldetect-current.tar.gz
cd maldetect-1.6.2 /
./install.sh
# Access the configuration file and enable the options that are interesting for the correct operation.
nano /usr/local/maldetect/conf.maldet

Once we have configured the desired options, we will proceed to update it.

If we launch the maldet executable with the -u option, the database will be updated. With the -d option the software will be updated to the latest version, which in this case is 1.6.2.

With the -a option, followed by the folder that you want to scan, the scan will be performed. It will show us a scanner in progress message. And at the end it will show us the results obtained on the screen and it will indicate a report number, which we will be able to consult later with the -report option and the number that it indicates. In this way we can see what files are compromised and proceed to analyze or delete them.

If the last scan has detected malicious files we can eliminate them with the maldet -n option. Always based on the last scan, if what we want is another different scan we can do it manually analyzing the indicated report.

In short, LMD is a powerful tool specialized in web servers and that will help us in the task of eliminating possible infections.


by (552k points)

Related questions

+3 votes
1 answer
asked May 26, 2019 in Linux / Unix by backtothefuture (552k points) | 290 views
+4 votes
1 answer
asked Jun 24, 2019 in Security by backtothefuture (552k points) | 214 views
+5 votes
1 answer
+3 votes
1 answer
asked Nov 29, 2020 in Help by backtothefuture (552k points) | 230 views
+3 votes
1 answer
asked Nov 18, 2019 in Mac by backtothefuture (552k points) | 359 views
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users