Though Linux is a less targeted operating system, it’s still important to monitor for malware. One of the best tools out there for doing so is Linux Malware Detect, which uses a variety of metrics to identify and remove malware. When used in conjunction with ClamAV, the well known antivirus solution for Linux (as well as Mac and Windows), Linux Malware Detect provides a very good defense against malicious software.
In order to install Linux Malware Detect, you’ll first need to download the installation tarball from the project’s web site. You can find it at this address.
Take your tarball and extract it into /usr/src/. Change into the resulting directory.
tar -xvf maldetect-current.tar.gz
An installation script is available for you to install LMD. Run it using this command:
Now let’s configure our Linux Malware Detect installation. We’ll need to make a few basic modifications to the default configuration file, so go ahead and open it in a text editor:
Here are the settings as they should look:
Next, we’ll be installing ClamAV, so that Linux Malware Detect can use it as its antivirus engine.
apt-get install clamav -y
You can do a lot with Linux Malware Detect. Here’s a sample of some commands you may find useful.
To update the library of malware detection signatures:
To update Linux Malware Detect’s malware versions:
To scan all the files residing in a specific directory:
maldet -a /path
To put all threats that Linux Malware Detect has identified into quarantine:
maldet -q SCANID
To restore files from quarantine:
maldet –s SCANID
With Linux Malware Detect and ClamAV, you can rest easy knowing that you’ve got one of the premiere antimalware and antivirus solutions available for Linux. If you found this article helpful, feel free to share it with your friends and let us know in the comments below!