How To Install Linux Malware Detect on Ubuntu 15.04


In this tutorial, we will show you how to install Linux Malware Detect on Ubuntu 15.04. For those of you who didn’t know, Linux Malware Detect (LMD) is a malware scanner for Linux, released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.

In addition, threat data is derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches. They are also easily exported to any number of detection tools such as ClamAV.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple. I will walk you through the step-by-step installation of Linux Malware Detect on an Ubuntu 15.04 server.

Install Linux Malware Detect on Ubuntu 15.04

Step 1. First of all, make sure that all packages are up to date.

sudo apt-get update && sudo apt-get -y upgrade

Step 2. Install Linux Malware Detect.

Download the latest stable version of Linux Malware Detect. At the time of writing, it is version 1.4.2:

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar xfz maldetect-current.tar.gz
cd maldetect-*

And run the installation script:

sudo ./install.sh

You should get the following output:

Linux Malware Detect v1.4.2
(C) 2002-2013, R-fx Networks <proj@r-fx.org>
(C) 2013, Ryan MacDonald <ryan@r-fx.org>
inotifywait (C) 2007, Rohan McGovern <rohan@mcgovern.id.au>
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet

maldet(776): {sigup} performing signature update check...
maldet(776): {sigup} local signature set is version 201205035915
maldet(776): {sigup} new signature set (2014082316728) available
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/md5.dat
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/hex.dat
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/rfxn.ndb
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/rfxn.hdb
maldet(776): {sigup} downloaded http://cdn.rfxn.com/downloads/maldet-clean.tgz
maldet(776): {sigup} signature set update completed
maldet(776): {sigup} 11788 signatures (9895 MD5 / 1893 HEX)

Step 3. Configuring Linux Malware Detect on the Ubuntu server.

LMD is configured through /usr/local/maldetect/conf.maldet, where we define how LMD works and what action it takes on a detection:

sudo nano /usr/local/maldetect/conf.maldet

And change the following settings:

email_alert=1 – Enable email alerts
email_addr="user@yourdomain.tld" – Enter the destination address for email alerts
quar_hits=1 – Move the detected malware to quarantine and send an alert
quar_clean=1 – Try to clean the detected malware injections
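
The same four changes can be applied from a script instead of an editor. This is an added example, not part of the original tutorial or of the LMD project; the function names and the script name lmd-settings.sh are hypothetical, and it assumes each option sits on its own key=value line as shown above.

```shell
#!/bin/sh
# Added example: apply the Step 3 settings to conf.maldet without an editor.
# CONF defaults to the path printed by install.sh; point it at a copy to rehearse.
CONF="${CONF:-/usr/local/maldetect/conf.maldet}"

# set_opt KEY VALUE: rewrite an existing "KEY=..." line, or append one.
set_opt() {
    key=$1 val=$2
    if grep -q "^${key}=" "$CONF"; then
        # Escape characters that are special in a sed replacement (& | \).
        esc=$(printf '%s' "$val" | sed 's/[&|\\]/\\&/g')
        tmp=$(mktemp) || return 1
        # Write back with cat so the file keeps its owner and mode.
        sed "s|^${key}=.*|${key}=${esc}|" "$CONF" > "$tmp" && cat "$tmp" > "$CONF"
        rc=$?
        rm -f "$tmp"
        return $rc
    fi
    printf '%s=%s\n' "$key" "$val" >> "$CONF"
}

# get_opt KEY: print the effective value (last assignment wins, quotes removed).
get_opt() {
    sed -n "s|^$1=||p" "$CONF" | tail -n 1 | tr -d '"'
}

# apply_tutorial_settings ADDRESS: back up the file, then set the four options.
apply_tutorial_settings() {
    addr=$1
    [ -n "$addr" ] || { echo "usage: apply_tutorial_settings ADDRESS" >&2; return 2; }
    cp -p "$CONF" "$CONF.bak" || return 1
    set_opt email_alert 1 &&
    set_opt email_addr "\"$addr\"" &&
    set_opt quar_hits 1 &&
    set_opt quar_clean 1
}

# Run as: sudo sh lmd-settings.sh --apply user@yourdomain.tld
if [ "${1:-}" = "--apply" ]; then
    apply_tutorial_settings "${2:-}" || exit 1
    for k in email_alert email_addr quar_hits quar_clean; do
        echo "$k=$(get_opt "$k")"
    done
fi
```

The previous configuration is kept as conf.maldet.bak next to the original, so the quarantine and clean settings can be reverted by copying it back.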

Step 4. Start scanning manually.

To scan a directory, use:

maldet -a /path/to/directory

To update Maldet, use the command below:

maldet -u

You can find the details on all options by executing:

maldet -h

Congratulations! You have successfully installed Linux Malware Detect (LMD). Thanks for using this tutorial for installing Linux Malware Detect on an Ubuntu 15.04 system. For additional help or useful information, we recommend you check the official LMD website.
