Home>Blog>ub>How to Install and Configure Linux Malware Detect (LMD) on Linux
ub

How to Install and Configure Linux Malware Detect (LMD) on Linux

You may ask, can Linux get attacked by malware? The answer is
always yes. Though most of the malware is created for windows, it
is possible that your Linux computer can also get attacked by
malware. Linux malware detect (LMD) is a tool that can be used on
the Linux system to scan, detect, and remove malware from your
system. The LMD can be used as a backdoor scanner on Linux. You can
also use the LMD with another antivirus to make the Linux system
more secure and virus free.

How LMD Works on
Linux

Simple password, spam, botnet, vulnerabilities, running infected
applications can be the reason how Linux can be attacked by
malware. The LMD is a real-time malware detection tool for Linux.
You can use the LMD with ClamAV antivirus to make the LMD more
efficient and strong.

The LMD can be used to scan and find malware on the Linux filesystem and directories[1]. It can be programmed to
scan the directory both automatically and manually. The LMD can
perform static analysis, dynamic analysis, and memory analysis to
detect malware on Linux. Malware can also be detected by analyzing
the actions of the processor and memory unit.

There are two types of high-level malware detection methods
available on Linux. They are the signature-based analysis and
signature-free analysis. The signature-based analysis is the method
to scan malware on databases and Linux servers. And, the signature free
analysis is an alternative way to find malware by monitoring the
system and devices. In this post, we will see how to install and
configure LMD on Linux. [2]

Step 1: Download LMD on
Linux

The very first step of installing LMD on Linux is to download
the Maldetect file on your system. If you are a Debian or Ubuntu[3]
user, I will recommend you to use the cURL tool to download the
file. If you are a Red Hat, Fedora, or other Linux user, you can
use either the wget command or the cURL command to
download the Maldetect file.

If you find any server or network error, please use the
https instead of http in the address
line. You can also download the Maldetect file manually from
here[4].

The terminal command line to download the Maldetect file is
given below. Normally the file is downloaded and stored in the
home directory of your Linux system. But you can
create a temporary file directory to store the file.

cd /tmp/
curl -O http://www.rfxn.com/downloads/maldetect-current.tar.gz

LMD on Linux curl download

Step 2: Extract and Install
LMD

Till now, we have downloaded the compressed file of Maldetect;
now, we have to extract and install the LMD tool on our Linux
machine. You can either use the default archive manager of Linux,
or you can use the following terminal command to extract the tar
file.

tar -zxvf maldetect-current.tar.gz

Now, enter the directory of the Maldetect and run the install
script to initialize the installation process of LMD on your Linux
machine. Don’t forget to run all the operations as a superuser.

cd maldetect-1.6.4
./install.sh

LMD on Linux install sh

After the installation is finished, you will be able to see the
version and the total number of users of LMD on your Linux terminal
shell. You can also check the version of LMD by performing the
following terminal command.

lmd --version

Step 3: Configure LMD on
Linux

After the installation is done, you can now open the
configuration script to add your desired rules inside the LMD
program. You can use any text editor[5]
to update the LMD configuration script. Here, I’m going to open the
LMD configuration script using the GNU Nano text editor. Use the
following terminal command line to open the configuration
script.

nano /usr/local/maldetect/conf.maldet

LMD on Linux nano

You can configure the email alert, root directory scan,
quarantine hits, malware injections, and suspend user settings by
adding the following configuration script in your LMD
configuration. After the configuration is placed correctly, you can
save and exit the text editor. Be careful when you edit the LMD
configuration script. The security of your Linux system can be
compromised if you put wrong LMD settings inside the script.
[6]

# Enable Email Alerting
email_alert="1"
# Email Address in which you want to receive scan reports
email_addr="[email protected]

[7]
# Enable scanning for root-owned files. Set 1 to disable.
scan_ignore_root=”0″
# Move threats to quarantine
quarantine_hits=”1″
# Clean string based malware injections
quarantine_clean=”1″
# Suspend user if malware found.
quarantine_suspend_user=”1″
# Minimum userid value that be suspended
quarantine_suspend_user_minuid=”500″

Step 4: Get Started With
LMD

After the configuration part is done, now it’s time to check the
system and find some malware. We can either run an automatic
malware detect daemon inside the Linux filesystem, or we can
perform some quick scans. The LMD can be used to kill and remove
malware from your Linux system. A few important and primary
operations of LMD are given below.

Use LMD to scan the temp directory.

maldet -a /tmp

melware detect temp scan

Assign a path to scan the system

sudo maldet -a /path/to/home

Create a scan report from the scan ID

sudo maldet --report 200809-1241.5744

LMD on Linux report cardLMD on Linux report card

Perform an update check of LMD

maldet -u

Use this command to update the LMD

maldet -d

update

Run the LMD daemon in the background

maldet -b -r /home/username/

Make an index of the scanned and affected
file

maldet -e list

Print the log file

maldet -l

To get more command syntax and user guide, you can check the LMD
help index from the Linux terminal shell.

lmd --help

Ending Words

The LMD works with some basic principles to find malware on the
Linux machine. It can monitor and read the system parameters to
detect unusual activities. In this post, I have described how the
LMD works on Linux. I have also explained how to install and
configure the Linux Malware Detect (LMD) on Linux.

If you are running any Linux distros on a raspberry pi board[8], you can secure your Pi
board by installing the LMD on your system. You can also protect
your Linux server form malware by using the LMD on your server.

If you find this post beneficial and helpful, please share it
with your friends and the Linux community. You can also write your
valuable judgments in the comment segment. Please let us know which
tool you are using to protect your Linux machine from malware.

 

References

  1. ^
    Everything You Need To Know About the
    Linux File System     (www.ubuntupit.com)
  2. ^
    40
    Useful Linux Server Commands for Beginners in 2020
    (www.ubuntupit.com)
  3. ^
    Debian
    vs Ubuntu: Top 15 Things To Know Before Choosing the Best One
    (www.ubuntupit.com)
  4. ^
    here
    (www.rfxn.com)
  5. ^
    text
    editor     (www.ubuntupit.com)
  6. ^
    Best
    Linux Antivirus: Top 10 Reviewed and Compared
    (www.ubuntupit.com)
  7. ^
    [email protected]
    (www.ubuntupit.com)
  8. ^
    raspberry pi board
    (www.ubuntupit.com)

Read more

Leave a Reply

Powered By Anakyst UK Work done easy Discover Great Places People Websites in Nigeria. Be Discovered and Discover Great Places People Products & Websites in Nigeria. Tell us what you need to advertise online onradio ontv and where you want to advertise and discover talented publishers and advertisers within minutes for just a fraction of the cost!JobScout | Developed By Rara Theme. Powered by WordPress.