How to install Linux Maldet Anti Sheller

This guide will walk you through installing LMD (Linux Malware Detect) on your VPS/Dedicated server

You will need to be logged in as root to the server over SSH.

Let's create a temporary directory and navigate into it, followed by downloading the latest release of maldet:

mkdir tmp
cd tmp
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Extract the archive containing LMD and navigate into the directory it creates:

tar xf maldetect-current.tar.gz && cd maldetect-*

Warning: Version may vary, you can check the current directory listing with the command `ls`

Once you're inside execute the install script:

./install.sh

This will automatically install a cronjob inside /etc/cron.daily/maldet as well, it will make LMD execute daily and scan local cPanel accounts for possible malware.

Usage is fairly simple, to scan user's home directory or any other directory you would simply execute:

maldet -a /home/user

Any path is alright.

Please note that LMD runs great with ClamAV.you can lear how to install it here in this artice.

Setting up e-mail alerts

LMD has an option to alert you each time it detects malware, please review these configuration variables inside /usr/local/maldetect/conf.maldet

variable value description
email_alert 1 or 0 enable or disable e-mail alerts
email_addr  e-mail address  target e-mail for notifications, should be put in quotes like: "[email protected]"

Other configuration variables that you should look into:

variable value description
quar_hits number if the number is different than 0, enables automatic quarantine
maxfilesize  size  makes LMD skip files larger than set size, for example "512k" (512 KB)

Additional information

You can read the readme file online, which describes the application, here:http://www.rfxn.com/appdocs/README.maldetect

Was this answer helpful?

 Print this Article

Also Read

Disable shell access for unknown users

Suspect there are other users in your system that have shell access to your system? Please follow...

what is eXploit Scanner (cxs)

eXploit Scanner (cxs) is a new tool from Configserver that performs active scanning of files as...

How to Secure WHM/cPanel

Login to WHM using root username/passwdhttp://serverip:2086 or http://serverip/whm WHM –...

Is my server hacked? Lets check it with rootkit hunter

RookHit Hunter is a command-line utility that will search your machine for...

Scan your Linux system with Clam AntiVirus/ClamAV.Installation Guide

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware...