Whether you're running your own server on a Linux distro for your own sites and projects or running a web hosting business, this software is a must-have. It is called MalDet, created by the same coders as APF (Advanced Policy Firewall).
About the software
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches; they are also easily exported to any number of detection tools such as ClamAV.
Code:
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar xfz maldetect-current.tar.gz
cd maldetect-*
./install.sh
If you installed correctly, you should see this output:
Code:
Linux Malware Detect v1.4.1
(C) 2002-2011, R-fx Networks
(C) 2011, Ryan MacDonald
inotifywait (C) 2007, Rohan McGovern
This program may be freely redistributed under the terms of the GNU GPL
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
maldet(5206): {sigup} performing signature update check...
maldet(5206): {sigup} local signature set is version 201205035915
maldet(5206): {sigup} latest signature set already installed
Now that MalDet is installed, you need to edit the configuration to your liking. There are a lot of options for this tool, including automated suspension of a web site if you're using cPanel/WHM.
(with your favorite editor, e.g. vi, nano, etc.)
Config: /usr/local/maldetect/conf.maldet
There is a large list of commands you can run with this tool; for example, you can set it to monitor certain directories such as /home.
Here is the README file, which lists all commands.
http://www.rfxn.com/appdocs/README.maldetect
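How the two signature types mentioned in "About the software" (MD5 file hashes and HEX pattern matches) behave, as an added example that is not part of the original post and not LMD's own code. The signature names, file names and file contents are constructed for the demo, and the matching is a simplified stand-in for what a scanner of this kind does.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed signatures for this demo only (not taken from LMD's signature set).
# An MD5 signature matches one exact file; a HEX signature matches a byte pattern.
KNOWN_BAD = b"<?php /* constructed sample dropper */ echo 'demo'; ?>\n"
MD5_SIGS = {hashlib.md5(KNOWN_BAD).hexdigest(): "{MD5}demo.exact.1"}
HEX_SIGS = {b"eval(base64_decode(".hex(): "{HEX}demo.php.evalb64.1"}


def scan_file(path):
    """Return the names of all signatures that match the file at `path`."""
    data = Path(path).read_bytes()
    hits = []
    digest = hashlib.md5(data).hexdigest()
    if digest in MD5_SIGS:
        hits.append(MD5_SIGS[digest])
    # Compare raw bytes rather than a hex dump so a match cannot start mid-byte
    for pattern, name in HEX_SIGS.items():
        if bytes.fromhex(pattern) in data:
            hits.append(name)
    return hits


def scan_tree(root):
    """Scan regular files under `root`; return {relative path: [signature names]}."""
    files = (p for p in sorted(Path(root).rglob("*")) if p.is_file() and not p.is_symlink())
    hits = {str(p.relative_to(root)): scan_file(p) for p in files}
    return {path: names for path, names in hits.items() if names}


def demo():
    """Build a constructed web root in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        web = Path(tmp)
        (web / "index.php").write_bytes(b"<?php echo 'hello'; ?>\n")
        (web / "known.php").write_bytes(KNOWN_BAD)
        # One byte appended: the exact-hash signature no longer matches
        (web / "known_mod.php").write_bytes(KNOWN_BAD + b" ")
        # Variant with an unseen hash that still contains the byte pattern
        (web / "variant.php").write_bytes(b"<?php eval(base64_decode($_x)); // v2 ?>\n")
        return scan_tree(web)


if __name__ == "__main__":
    for path, names in demo().items():
        print(path, names)
```

The exact-hash signature stops matching after a one-byte change to the file, while the byte-pattern signature still flags a variant whose hash was never seen, which is why a scanner carries both kinds.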