{"id":2358,"date":"2016-08-03T13:37:46","date_gmt":"2016-08-03T17:37:46","guid":{"rendered":"https:\/\/www.globo.tech\/learning-center\/?p=2358"},"modified":"2017-12-12T15:48:53","modified_gmt":"2017-12-12T20:48:53","slug":"install-use-lmd-clamav-centos-7","status":"publish","type":"post","link":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/","title":{"rendered":"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7"},"content":{"rendered":"

How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7<\/h1>\n

There is less risk of malevolent software on Linux and Unix systems compared to other operating systems, but they are not necessarily immune to the threat of malware and viruses. Linux Malware Detect (LMD) is a free, open source malware scanner for Linux designed especially for mitigating malware risks in a shared hosting environment. It is often used in conjunction with ClamAV as an antivirus engine. LMD itself is licensed under the GNU General Public License, version 2, and the source is hosted on Github.<\/p>\n

Getting started<\/h2>\n

In order to follow this guide, you will need the following:
\n\u2022 1 Node (Cloud Server<\/a> or Dedicated Server<\/a>) running a clean installation of CentOS 7.
\n\u2022 Root access to the server<\/p>\n

Tutorial<\/h2>\n

The first step is to install LMD. You will need to install it from source, so download the installation tarball from the project\u2019s web site.<\/p>\n

wget http:\/\/www.rfxn.com\/downloads\/maldetect-current.tar.gz<\/code><\/p>\n

Extract the tarball into your \/usr\/src\/ folder, and then make it your current working directory.<\/p>\n

cd \/usr\/src
\ntar -xvf maldetect-current.tar.gz
\ncd maldetect*<\/code><\/p>\n

You can complete the installation by using the installation script.<\/p>\n

.\/install.sh<\/code><\/p>\n

Configuring Linux Malware Detect (LMD)<\/h2>\n

LMD’s configuration is stored in conf.maldet. We’ll need to make some changes to the default setup, so open this file in an editor.<\/p>\n

nano \/usr\/local\/maldetect\/conf.maldet<\/code><\/p>\n

Into the file, modify these following sections:
\n#!\/bin\/bash
\n#
\n##
\n# Linux Malware Detect vX.X.X
\n[...]
\n# [ EMAIL ALERTS ]
\n##
\n# The default email alert toggle
\n# [0 = disabled, 1 = enabled]
\nemail_alert=1<\/code><\/p>\n

# The subject line for email alerts
\nemail_subj=\"maldet alert from $(hostname)\"<\/code><\/p>\n

# The destination addresses for email alerts
\n# [ values are comma (,) spaced ]
\nemail_addr=\"your@email.com\"<\/code><\/p>\n

# Ignore e-mail alerts for reports in which all hits have been cleaned.
\n# This is ideal on very busy servers where cleaned hits can drown out
\n# other more actionable reports.
\nemail_ignore_clean=\"0\"
\n[...]
\n# [ QUARANTINE OPTIONS ]
\n##
\n# The default quarantine action for malware hits
\n# [0 = alert only, 1 = move to quarantine & alert]
\nquar_hits=0<\/code><\/p>\n

# Try to clean string based malware injections
\n# [NOTE: quar_hits=1 required]
\n# [0 = disabled, 1 = clean]
\nquar_clean=0<\/code><\/p>\n

# The default suspend action for users wih hits
\n# Cpanel suspend or set shell \/bin\/false on non-Cpanel
\n# [NOTE: quar_hits=1 required]
\n# [0 = disabled, 1 = suspend account]
\nquar_susp=0
\n[...]
\n# [ SCAN OPTIONS ]
\n##
\n[...]
\n# [ 0 = disabled, 1 = enabled; enabled by default ]
\nclamav_scan=1<\/code><\/p>\n

And these are the most important settings to be configured:<\/p>\n

email_alert=1
\nemail_addr=youremail@localhost
\nemail_subj=\"Malware alerts for $HOSTNAME - $(date +%Y-%m-%d)\"
\nquar_hits=1
\nquar_clean=1
\nquar_susp=1
\nclam_av=1<\/code><\/p>\n

The next task is to install ClamAV and have LMD use it as the antivirus engine. To install ClamAV, you will need to add a repository to your system. Create a repo file at \/etc\/yum.repos.d called dag.repo.<\/p>\n

nano \/etc\/yum.repos.d\/dag.repo<\/code><\/p>\n

Then copy the following into dag.repo.<\/p>\n

[dag]
\nname=Dag RPM Repository for Red Hat Enterprise Linux
\nbaseurl=http:\/\/apt.sw.be\/redhat\/el$releasever\/en\/$basearch\/dag\/
\ngpgcheck=1
\ngpgkey=http:\/\/dag.wieers.com\/packages\/RPM-GPG-KEY.dag.txt
\nenabled=1<\/code><\/p>\n

Once you’re done setting up the new repository, you can install clamd using yum.<\/p>\n

yum update && yum install clamd<\/code><\/p>\n

Conclusion<\/h2>\n

You’re now done with the installation process, and can use LMD with ClamAV to detect malware on your server. If this guide was helpful to you, kindly share it with others who may also be interested. <\/p>\n

Here are a few commands you may find useful:<\/p>\n

To update the LMD malware detection signatures:<\/p>\n

maldet -u<\/code><\/p>\n

To update the LMD malware version:<\/p>\n

maldet -d<\/code><\/p>\n

To scan all files located in a specific directory:<\/p>\n

maldet -a \/path<\/code><\/p>\n

To put all detected threats into quarantine:<\/p>\n

maldet -q SCANID<\/code><\/p>\n

To restore files from quarantine:<\/p>\n

maldet \u2013s SCANID<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"

How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 There is less risk of malevolent software on Linux and Unix systems compared to other operating systems, but they are not necessarily immune to the threat of malware and viruses. Linux Malware Detect (LMD) is a free, open source malware scanner<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[],"class_list":["post-2358","post","type-post","status-publish","format-standard","hentry","category-security","operating_system-centos-7"],"yoast_head":"\nHow to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 - Globo.Tech<\/title>\n<meta name=\"description\" content=\"This tutorial will show you how to install and use Linux Malware Detect (LMD) used with ClamAV on your CentOS 7 server. Read now !\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 - Globo.Tech\" \/>\n<meta property=\"og:description\" content=\"This tutorial will show you how to install and use Linux Malware Detect (LMD) used with ClamAV on your CentOS 7 server. Read now !\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/\" \/>\n<meta property=\"og:site_name\" content=\"Globo.Tech\" \/>\n<meta property=\"article:published_time\" content=\"2016-08-03T17:37:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-12-12T20:48:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.globo.tech\/learning-center\/wp-content\/uploads\/2016\/09\/GloboTech-Logo.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"963\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"GloboTech Communications\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"GloboTech Communications\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/\",\"url\":\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/\",\"name\":\"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 - Globo.Tech\",\"isPartOf\":{\"@id\":\"https:\/\/www.globo.tech\/learning-center\/#website\"},\"datePublished\":\"2016-08-03T17:37:46+00:00\",\"dateModified\":\"2017-12-12T20:48:53+00:00\",\"author\":{\"@id\":\"https:\/\/www.globo.tech\/learning-center\/#\/schema\/person\/e17784b37f4a4f49b7bc611847912e87\"},\"description\":\"This tutorial will show you how to install and use Linux Malware Detect (LMD) used with ClamAV on your CentOS 7 server. Read now !\",\"breadcrumb\":{\"@id\":\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.globo.tech\/learning-center\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.globo.tech\/learning-center\/#website\",\"url\":\"https:\/\/www.globo.tech\/learning-center\/\",\"name\":\"Globo.Tech\",\"description\":\"Welcome to the Official Globo.Tech Learning Center\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.globo.tech\/learning-center\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.globo.tech\/learning-center\/#\/schema\/person\/e17784b37f4a4f49b7bc611847912e87\",\"name\":\"GloboTech Communications\",\"sameAs\":[\"http:\/\/www.gtcomm.net\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 - Globo.Tech","description":"This tutorial will show you how to install and use Linux Malware Detect (LMD) used with ClamAV on your CentOS 7 server. Read now !","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/","og_locale":"en_US","og_type":"article","og_title":"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 - Globo.Tech","og_description":"This tutorial will show you how to install and use Linux Malware Detect (LMD) used with ClamAV on your CentOS 7 server. Read now !","og_url":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/","og_site_name":"Globo.Tech","article_published_time":"2016-08-03T17:37:46+00:00","article_modified_time":"2017-12-12T20:48:53+00:00","og_image":[{"width":1920,"height":963,"url":"https:\/\/www.globo.tech\/learning-center\/wp-content\/uploads\/2016\/09\/GloboTech-Logo.png","type":"image\/png"}],"author":"GloboTech Communications","twitter_misc":{"Written by":"GloboTech Communications","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/","url":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/","name":"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7 - Globo.Tech","isPartOf":{"@id":"https:\/\/www.globo.tech\/learning-center\/#website"},"datePublished":"2016-08-03T17:37:46+00:00","dateModified":"2017-12-12T20:48:53+00:00","author":{"@id":"https:\/\/www.globo.tech\/learning-center\/#\/schema\/person\/e17784b37f4a4f49b7bc611847912e87"},"description":"This tutorial will show you how to install and use Linux Malware Detect (LMD) used with ClamAV on your CentOS 7 server. Read now !","breadcrumb":{"@id":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.globo.tech\/learning-center\/install-use-lmd-clamav-centos-7\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.globo.tech\/learning-center\/"},{"@type":"ListItem","position":2,"name":"How to Install and Use Linux Malware Detect (LMD) with ClamAV on CentOS 7"}]},{"@type":"WebSite","@id":"https:\/\/www.globo.tech\/learning-center\/#website","url":"https:\/\/www.globo.tech\/learning-center\/","name":"Globo.Tech","description":"Welcome to the Official Globo.Tech Learning Center","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.globo.tech\/learning-center\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.globo.tech\/learning-center\/#\/schema\/person\/e17784b37f4a4f49b7bc611847912e87","name":"GloboTech Communications","sameAs":["http:\/\/www.gtcomm.net"]}]}},"_links":{"self":[{"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/posts\/2358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/comments?post=2358"}],"version-history":[{"count":9,"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/posts\/2358\/revisions"}],"predecessor-version":[{"id":3990,"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/posts\/2358\/revisions\/3990"}],"wp:attachment":[{"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/media?parent=2358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/categories?post=2358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.globo.tech\/learning-center\/wp-json\/wp\/v2\/tags?post=2358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}