Linux Malware Detect (LMD) is a free, open source malware scanner and detector for Unix/Linux based operating systems. It is designed to detect the threats faced by hosting environments.
1. cd /usr/local/src
2. wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
3. tar -xzvf maldetect-current.tar.gz
4. cd maldetect-*
5. sh ./install.sh
Maldet can be configured by editing the file "/usr/local/maldetect/conf.maldet".
You may edit the following values to configure Maldet to your needs:
email_alert : If you would like to receive email alerts, set this to 1.
email_subj : Set your email subject here.
email_addr : Add your email address to receive malware alerts.
quar_hits : The default quarantine action for malware hits; it should be set to 1.
quar_clean : Cleans detected malware injections; must be set to 1.
quar_susp : The default suspend action for users with hits; set it as per your requirements.
quar_susp_minuid : Minimum user ID that can be suspended.
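The following is an added example, not part of the original page or of the LMD project: a small shell audit that checks a conf.maldet-style file against the values listed above. It assumes options are stored one per line as key="value"; the helper names conf_get and audit_conf are hypothetical, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: audit a conf.maldet-style file (assumed format: key="value" lines).

# conf_get FILE KEY: print the effective value (last uncommented assignment wins).
conf_get() {
    grep -E "^[[:space:]]*$2=" "$1" | tail -n 1 |
        sed -e 's/^[^=]*=//' -e 's/[[:space:]]*$//' -e 's/^"//' -e 's/"$//'
}
# audit_conf FILE: print one FINDING line per deviation; return 1 if any were found.
audit_conf() {
    conf=$1
    findings=0
    # Options the page says to set to 1.
    for key in email_alert quar_hits quar_clean; do
        val=$(conf_get "$conf" "$key")
        if [ "$val" != "1" ]; then
            echo "FINDING: $key is '${val:-unset}', expected 1"
            findings=$((findings + 1))
        fi
    done
    # Alerts need a recipient address.
    case $(conf_get "$conf" email_addr) in
        *@*) ;;
        *) echo "FINDING: email_addr is not an email address"
           findings=$((findings + 1)) ;;
    esac
    # quar_susp is site policy; if it is enabled, the UID floor must be a number.
    if [ "$(conf_get "$conf" quar_susp)" = "1" ]; then
        case $(conf_get "$conf" quar_susp_minuid) in
            ''|*[!0-9]*) echo "FINDING: quar_susp=1 but quar_susp_minuid is not numeric"
                         findings=$((findings + 1)) ;;
        esac
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample file (not a real server's configuration).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# email_alert="1"   (commented out, so it must be ignored)
email_alert="0"
email_addr=""
quar_hits="1"
quar_clean="0"
quar_susp="1"
quar_susp_minuid="abc"
EOF
audit_conf "$sample" || echo "configuration needs attention"
rm -f "$sample"
```

To check a live installation, call audit_conf with the path to the configuration file given above.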
If you would like to scan users' home directories, simply issue the following command:
# maldet --scan-all /home
To scan a specific website, run the following command:
# maldet -a website-path
e.g.: # maldet -a /var/www/vhosts/lua.co.uk/
You can examine the malware scan report by running the following command and appending the scan report ID.
# maldet --report SCANID
To quarantine the infected files, run the following command with the scan report ID. The infected files will then be quarantined for cleaning.
# maldet -q SCANID