Exec Guardian
execguard/docs/MalDetect.md

MalDetect For Ubuntu:

FYI

I'm not sure how useful this is on systems; it is for monitoring your web server.

Install ClamAV

$ sudo apt update && sudo apt install -y perl wget
$ sudo apt install -y clamav clamav-daemon
$ sudo freshclam

maldetect

$ sudo apt install -y inotify-tools
$ wget https://www.rfxn.com/downloads/maldetect-current.tar.gz
$ tar -xzf maldetect-current.tar.gz
$ cd maldetect-*
$ sudo ./install.sh
$ sudo nano /usr/local/maldetect/monitor_paths
/tmp
/var/www
/home

$ sudo nano /usr/local/maldetect/conf.maldet
quarantine_hits	Move infected files to quarantine	1 (enable)
quarantine_clean	Automatically clean malware	0 (manual review recommended)
scan_clamscan	Use ClamAV for scanning	1 (if ClamAV is installed)
inotify_monitor	Enable real-time monitoring	1 (enable)
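
To confirm that the edited conf.maldet actually carries the four values listed above, the following added example (not part of the original document or of the maldetect project) audits a config file against them. It assumes settings are shell-style `key="value"` lines and takes the option names from this page; the function names `conf_value` and `audit_conf` are hypothetical. A MISSING result means the installed release does not set that option under that name.

```shell
#!/bin/sh
# Added example: audit a conf.maldet-style file against the values listed above.
# Assumption: settings are shell-style assignments such as  quarantine_hits="1"

# Expected settings taken from this page, one option=value per line.
EXPECTED='quarantine_hits=1
quarantine_clean=0
scan_clamscan=1
inotify_monitor=1'

# conf_value FILE KEY: print the last uncommented assignment of KEY,
# with any trailing comment, trailing whitespace and quotes removed.
conf_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//' |
        tr -d "\"'"
}

# audit_conf FILE: report every option; return 0 only if all values match,
# 1 on any mismatch or missing option, 2 if the file cannot be read.
audit_conf() {
    conf=$1
    rc=0
    if [ ! -r "$conf" ]; then
        echo "cannot read $conf" >&2
        return 2
    fi
    for pair in $EXPECTED; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(conf_value "$conf" "$key")
        if [ -z "$got" ]; then
            echo "MISSING  $key (want $want)"; rc=1
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $key=$got (want $want)"; rc=1
        else
            echo "OK       $key=$got"
        fi
    done
    return $rc
}

# Audit the file given as the first argument, if any.
if [ -n "${1:-}" ]; then
    audit_conf "$1"
fi
```

Saved under a name of your choice, it is run as `sh <script> /usr/local/maldetect/conf.maldet`; a non-zero exit status makes it usable as a check after upgrades.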

Active Monitor

$ sudo maldet --monitor /usr/local/maldetect/monitor_paths
$ sudo crontab -e
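# maldet's -r is --scan-recent PATH DAYS, not a log-file option, so redirect output to the log instead
0 2 * * * /usr/local/maldetect/maldet --scan-all /var/www >> /root/maldet-scan.log 2>&1; /usr/local/maldetect/maldet --scan-all /home >> /root/maldet-scan.log 2>&1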

Update maldetect Signatures

$ sudo maldet --update
$ sudo maldet --monitor enable