Install Linux Malware Detect and ClamAV on CentOS: A Malware Scanner for Linux Operating System
A VPS can easily be scanned for malware and viruses with Linux Malware Detect and ClamAV. In this tutorial, we'll install both programs on CentOS and test them out.
So let's get started.
Step 1: Install Linux Malware Detect
Run the following commands to install Linux Malware Detect. The extracted directory is named after the release, maldetect-1.6.2 in this example:
wget https://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xvf maldetect-current.tar.gz
cd maldetect-1.6.2
./install.sh
Linux Malware Detect automatically creates a cron job once the installation is complete.
Step 2: Configure Linux Malware Detect
All configuration settings of Linux Malware Detect are stored in the file /usr/local/maldetect/conf.maldet. The settings to adjust are:
# Enable Email Alerting
email_alert=1
# Email Address in which you want to receive scan reports
email_addr=youremail@localhost
# Email subject of the notification.
email_subj="Malware alerts for $HOSTNAME - $(date +%Y-%m-%d)"
# Move the malware to quarantine.
quar_hits=1
# Try to clean string-based malware injections from quarantined files (requires quar_hits=1).
quar_clean=1
# Use ClamAV as the scan engine.
clamav_scan=1
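The following script is an added example, not part of the original tutorial or of Linux Malware Detect: it audits the Step 2 settings and reports combinations that silently weaken the setup. The function names conf_get, audit_maldet_conf and sample_conf are hypothetical, and the sample configuration is constructed from the values shown above.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit the Step 2 settings.
# conf.maldet is shell syntax, so values are read with sed instead of
# sourcing the file, which would execute things like $(date ...).

conf_get() {  # conf_get FILE KEY -> last value assigned to KEY, quotes stripped
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

audit_maldet_conf() {  # prints one finding per line, nothing if all checks pass
    local f=$1 alert addr hits clean clam
    if [ ! -r "$f" ]; then echo "cannot read $f"; return 0; fi
    alert=$(conf_get "$f" email_alert); addr=$(conf_get "$f" email_addr)
    hits=$(conf_get "$f" quar_hits);    clean=$(conf_get "$f" quar_clean)
    clam=$(conf_get "$f" clamav_scan)

    if [ "$alert" != 1 ]; then
        echo "email_alert is not 1: scan reports are not mailed"
    else
        case $addr in
            ''|youremail@*|*@localhost)
                echo "email_addr='$addr': placeholder or local-only mailbox" ;;
        esac
    fi
    if [ "$hits" != 1 ]; then
        echo "quar_hits is not 1: hits are reported but left in place"
        [ "$clean" = 1 ] && echo "quar_clean=1 has no effect without quar_hits=1"
    fi
    [ "$clam" = 1 ] || echo "clamav_scan is not 1: ClamAV is not used as scan engine"
    return 0
}

sample_conf() {  # constructed sample: the settings shown in Step 2
    cat <<'EOF'
email_alert=1
email_addr=youremail@localhost
email_subj="Malware alerts for $HOSTNAME - $(date +%Y-%m-%d)"
quar_hits=1
quar_clean=1
clamav_scan=1
EOF
}

# Demo on the constructed sample; on a real host pass
# /usr/local/maldetect/conf.maldet instead.
tmp=$(mktemp) && sample_conf > "$tmp" && audit_maldet_conf "$tmp"
rm -f "$tmp"
```

On the Step 2 values as written, the only finding is the email_addr placeholder, which would send alerts to a local mailbox that may never be read.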
Step 3: Install ClamAV
The EPEL repository must first be installed:
yum install epel-release
Next, we install ClamAV using the following command:
yum update && yum install clamav
Here’s how to use Linux Malware Detect
Once the installation is complete, you can use Linux Malware Detect to scan your system for malware.
The following command will scan a folder:
maldet --scan-all /home/domain.com/public_html
If you only want to scan some specified file types (.php for example), you can use the following command:
maldet --scan-all /home/domain.com/public_html/*.php
To view a scanning report, use the following command. Replace 17625-1711.5619 with the scan ID.
maldet --report 17625-1711.5619
To update the Linux Malware Detect signatures, run the following command:
maldet -u
For a complete deletion of all quarantined files:
rm -rf /usr/local/maldetect/quarantine/*
FAQ
Linux Malware Detect (LMD) and ClamAV are open-source malware scanners for Linux operating systems. They can be used to scan files and directories for malware, viruses, and other malicious software.
Here are the steps to install Linux Malware Detect and ClamAV on CentOS:
Open the Terminal application on your CentOS system.
Run the following command to install ClamAV:
sudo yum install clamav clamav-update
After the installation is complete, update the ClamAV virus signature database by running the following command:
sudo freshclam
Next, download and install Linux Malware Detect by running the following commands:
sudo wget https://www.rfxn.com/downloads/maldetect-current.tar.gz
sudo tar -zxvf maldetect-current.tar.gz
cd maldetect-*
sudo ./install.sh
Once the installation is complete, update the Linux Malware Detect signature database by running the following command:
sudo maldet --update-sigs
Finally, scan your system for malware by running the following command:
sudo maldet -a /
By default, Linux Malware Detect and ClamAV are configured to run periodic scans and update their signature databases automatically. However, you can modify the configuration to suit your specific needs. The configuration files for Linux Malware Detect can be found in the /usr/local/maldetect/conf/ directory, while the configuration files for ClamAV can be found in the /etc/clamd.d/ directory.
It is recommended to run periodic scans with Linux Malware Detect and ClamAV at least once a week to ensure that your system remains secure. However, the frequency of scans may vary depending on the nature of your system and the level of risk involved.
If Linux Malware Detect or ClamAV detects malware on your system, you should take immediate action to remove the malware and prevent further infection. You can use the quarantine feature in Linux Malware Detect to isolate infected files and prevent them from spreading. Additionally, you should update your system software and security patches regularly to reduce the risk of malware infection.