# MalDetect For Ubuntu:

### FYI

I'm not sure how useful this is on systems, it is for monitoring your web server.

## Install clamAV

```
$ sudo apt update && sudo apt install -y perl wget
$ sudo apt install -y clamav clamav-daemon
$ sudo freshclam
```

## maldetect

```
$ sudo apt install -y inotify-tools
# Fetch over HTTPS: install.sh from this archive is run as root below.
$ wget https://www.rfxn.com/downloads/maldetect-current.tar.gz
$ tar -xzf maldetect-current.tar.gz
$ cd maldetect-*
$ sudo ./install.sh

# Paths to watch, one per line:
$ sudo nano /usr/local/maldetect/monitor_paths
/tmp
/var/www
/home

# Settings to change (option, purpose, value):
$ sudo nano /usr/local/maldetect/conf.maldet
quarantine_hits   Move infected files to quarantine   1 (enable)
quarantine_clean  Automatically clean malware         0 (manual review recommended)
scan_clamscan     Use ClamAV for scanning             1 (if ClamAV is installed)
inotify_monitor   Enable real-time monitoring         1 (enable)
```
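
One way to confirm that the quarantine and ClamAV settings above actually took effect after editing `conf.maldet`, as an added example (not part of the original README or of maldet itself). It assumes the file stores options as shell-style `key="value"` lines; `conf_value` and `audit_maldet_conf` are hypothetical helper names.

```bash
#!/bin/sh
# Added example: audit conf.maldet against the settings chosen on this page.
# Assumption: options are stored as shell-style key="value" lines.

# Expected values, taken from the settings listed above.
EXPECTED="quarantine_hits=1 quarantine_clean=0 scan_clamscan=1"

# Print the effective value of KEY ($2) in FILE ($1).
# Commented-out lines are ignored; the last assignment wins.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# Print one line per setting that differs from EXPECTED.
# Returns 0 if all match, 1 on drift, 2 if the file cannot be read.
audit_maldet_conf() {
    conf=$1
    drift=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    for pair in $EXPECTED; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(conf_value "$conf" "$key")
        if [ "$got" != "$want" ]; then
            echo "DRIFT $key: expected $want, found ${got:-unset}"
            drift=1
        fi
    done
    return $drift
}

# Constructed sample standing in for /usr/local/maldetect/conf.maldet.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# quarantine_hits="1"
quarantine_hits="0"
quarantine_clean="0"
scan_clamscan=1   # unquoted values are accepted too
EOF
audit_maldet_conf "$sample" || echo "config needs review"
rm -f "$sample"
```

On a real host, call `audit_maldet_conf /usr/local/maldetect/conf.maldet` after each edit or maldet upgrade.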

## Active Monitor

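```
$ sudo maldet --monitor /usr/local/maldetect/monitor_paths

# Nightly full scan at 02:00, added to root's crontab.
# maldet's -r is --scan-recent, not a log-file option, and --scan-all takes one path,
# so scan each path in turn and redirect the output to the log file.
$ sudo crontab -e
0 2 * * * for d in /var/www /home; do /usr/local/maldetect/maldet --scan-all "$d"; done >> /root/maldet-scan.log 2>&1
```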

## Update maldetect Signatures

```
$ sudo maldet --update
$ sudo maldet --monitor enable
```