Linux Malware Detect ( LMD )
Easy way to install LMD via root shell.
# vim maldetect.sh
#/bin/bash
mkdir tmp
cd tmp
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzvf maldetect-current.tar.gz
cd maldetect-*
Execute the Script.
# sh maldetect.sh
Linux Malware Detect v1.4.1
(C) 2002-2011, R-fx Networks
(C) 2011, Ryan MacDonald
inotifywait (C) 2007, Rohan McGovern
This program may be freely redistributed under the terms of the GNU GPL
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
maldet(26988): {sigup} performing signature update check…
maldet(26988): {sigup} local signature set is version 201205035915
maldet(26988): {sigup} new signature set (2012072417089) available
maldet(26988): {sigup} downloaded http://www.rfxn.com/downloads/md5.dat
maldet(26988): {sigup} downloaded http://www.rfxn.com/downloads/hex.dat
maldet(26988): {sigup} downloaded http://www.rfxn.com/downloads/rfxn.ndb
maldet(26988): {sigup} downloaded http://www.rfxn.com/downloads/rfxn.hdb
maldet(26988): {sigup} downloaded http://www.rfxn.com/downloads/maldet-clean.tgz
maldet(26988): {sigup} signature set update completed
maldet(26988): {sigup} 9700 signatures (7833 MD5 / 1867 HEX)
If we wanted to scan all user public_html paths under /home*/ this can be done with:
maldet –scan-all /home?/?/public_html
=================================================>