Malware is a headache for almost all website owners, so a regular malware scan is a must-have utility for Linux-based web servers.
Follow these steps to install and use Linux Malware Detect with ClamAV.
1. # yum update
2. # wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
3. # tar -xvf maldetect-current.tar.gz
4. # ls -l | grep maldetect
5. # cd maldetect-*/ && ./install.sh (install.sh is inside the extracted directory listed in step 4)
6. # nano /usr/local/maldetect/conf.maldet
Update the following
email_alert=1
email_addr=gacanepa@localhost
email_subj="Malware alerts for $HOSTNAME - $(date +%Y-%m-%d)"
quar_hits=1
quar_clean=1
quar_susp=1
clam_av=1
Use Ctrl+X, then press y to save the file.
7. Create the repo file /etc/yum.repos.d/dag.repo
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag/
gpgcheck=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
enabled=1
8. # yum update && yum install clamd
9. # maldet --scan-all /var/www/
10. You can then remove all quarantined files with:
# rm -rf /usr/local/maldetect/quarantine/*
11. # maldet --clean SCANID
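
To confirm that the edits from step 6 actually took effect, the following added example (not part of maldet or of the original post) audits a conf.maldet-style file for those values and flags curly quotes pasted from a web page. It assumes the file uses shell-style key=value lines; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not part of maldet): audit a conf.maldet-style file for the
# values set in step 6. Assumes shell-style key=value lines.

EXPECTED="email_alert=1 quar_hits=1 quar_clean=1 quar_susp=1 clam_av=1"

# Print the effective value of key $2 in file $1: last assignment wins,
# trailing whitespace and surrounding straight double quotes are stripped.
conf_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*$//; s/^"\(.*\)"$/\1/'
}

# Print one line per problem; return 0 when clean, 1 when problems were found,
# 2 when the file cannot be read.
check_maldet_conf() {
    local file="$1" problems=0 pair key want got typo
    [ -r "$file" ] || { echo "cannot read $file"; return 2; }
    for pair in $EXPECTED; do
        key=${pair%%=*}; want=${pair#*=}
        got=$(conf_value "$file" "$key")
        if [ -z "$got" ]; then
            echo "MISSING  $key (expected $want)"; problems=$((problems + 1))
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $key=$got (expected $want)"; problems=$((problems + 1))
        fi
    done
    # Curly quotes pasted from a web page are not shell quoting characters.
    typo=$(grep -nF -e '“' -e '”' -e '‘' -e '’' "$file" || true)
    if [ -n "$typo" ]; then
        echo "CURLY QUOTES on: $typo"; problems=$((problems + 1))
    fi
    echo "$problems problem(s) in $file"
    [ "$problems" -eq 0 ]
}

# Constructed sample input: one wrong value, one missing key, curly quotes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
email_alert="1"
email_subj=”Malware alerts for $HOSTNAME”
quar_hits=0
quar_hits=1
quar_clean=0
clam_av=1
EOF
check_maldet_conf "$sample" || echo "fix the lines above, then re-run"
rm -f "$sample"
```

On a real server, call check_maldet_conf /usr/local/maldetect/conf.maldet after saving the file in step 6.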