Install Maldet on Linux server

Post by HR-ADMIN » Sat Jun 01, 2013 12:39 pm

Maldet, also known as Linux Malware Detect, is a virus scanner for Linux.

Go to the following directory:

cd /usr/local/src/

Download the tar file from the link below:

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Extract the file using the command below:

tar -xzf maldetect-current.tar.gz

Go to the maldet folder:

cd maldetect-*

Now run one of the commands below to install maldet:

sh ./install.sh

or

sudo sh ./install.sh

It will give output like the following:

Linux Malware Detect v1.3.4
(C) 1999-2010, R-fx Networks <proj@r-fx.org>
(C) 2010, Ryan MacDonald <ryan@r-fx.org>
inotifywait (C) 2007, Rohan McGovern <rohan@mcgovern.id.au>
This program may be freely redistributed under the terms of the GNU GPL


installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
cron.daily: /etc/cron.daily/maldet

maldet(32517): {sigup} performing signature update check…
maldet(32517): {sigup} local signature set is version 2010051510029
maldet(32517): {sigup} latest signature set already installed




To update maldet, use the commands below:

maldet --update-ver

maldet --update

To scan files:

maldet -a /home/username/

It will scan all the files and give you the output.



To scan all user public_html paths under /home*/, use:

root@server[~]# maldet --scan-all /home?/?/public_html

To scan the same path, but only content that has been created or modified in the last 5 days:

root@server[~]# maldet --scan-recent /home?/?/public_html 5

If you ran a scan but forgot to turn on the quarantine option, you can quarantine all malware results from that previous scan with:

root@server[~]# maldet --quarantine SCANID

If you want to attempt a clean on all malware results from a previous scan that did not have the feature enabled, use:

root@server[~]# maldet --clean SCANID

If a file was quarantined as a false positive, or you simply want to restore it (e.g. you manually cleaned it), you can use either of the following:

root@server[~]# maldet --restore config.php.2384
root@server[~]# maldet --restore /usr/local/maldetect/quarantine/config.php.2384
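The tutorial above fetches the tarball over plain HTTP and then runs install.sh as root, so the download and extract steps can be gated on an integrity check and an archive-layout check first. The script below is an added example, not part of the original post or of the maldet project; the function names are hypothetical, and the expected SHA-256 is a value you must obtain from a source you trust (the post gives none).

```bash
#!/usr/bin/env bash
# Added example (not from the original post or the maldet project).
# Function names are hypothetical; needs sha256sum, awk and GNU tar.

# sha256_ok FILE EXPECTED_HEX: succeeds only if FILE hashes to the pinned value.
sha256_ok() {
    [ -n "$2" ] || return 1
    actual=$(sha256sum "$1" 2>/dev/null | awk '{print $1}')
    [ "$actual" = "$(printf '%s' "$2" | tr 'A-F' 'a-f')" ]
}

# members_ok FILE: succeeds only if every archive member sits under a single
# maldetect-* top-level directory and no path is absolute or contains "..".
members_ok() {
    list=$(tar -tzf "$1" 2>/dev/null) || return 1
    [ -n "$list" ] || return 1
    printf '%s\n' "$list" | awk -F/ '
        /^\//                               { bad = 1 }
        { for (i = 1; i <= NF; i++) if ($i == "..") bad = 1 }
        $1 !~ /^maldetect-[A-Za-z0-9._-]+$/ { bad = 1 }
        { tops[$1] = 1 }
        END { n = 0; for (t in tops) n++; exit ((bad || n != 1) ? 1 : 0) }'
}

# verify_and_extract FILE EXPECTED_HEX DESTDIR: extract only if both checks pass.
verify_and_extract() {
    sha256_ok "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    members_ok "$1"     || { echo "unexpected archive layout: $1" >&2; return 1; }
    # --no-same-owner: do not restore the archive's recorded uid/gid when root.
    tar -xzf "$1" -C "$3" --no-same-owner
}

# Usage (EXPECTED_SHA256 is a placeholder for a value from a trusted source):
#   verify_and_extract maldetect-current.tar.gz "$EXPECTED_SHA256" /usr/local/src \
#       && cd /usr/local/src/maldetect-* && sh ./install.sh
```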