This guide will walk you through installing LMD (Linux Malware Detect) on your VPS/Dedicated server
You will need to be logged in as root to the server over SSH.
Let's create a temporary directory and navigate into it, followed by downloading the latest release of maldet:
mkdir tmp cd tmp wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
Extract the archive containing LMD and navigate into the directory it creates:
tar xf maldetect-current.tar.gz && cd maldetect-1.4.1
Warning: Version may vary, you can check the current directory listing with the command `ls`
Once you're inside execute the install script:
./install.sh
This will automatically install a cronjob inside /etc/cron.daily/maldet as well, it will make LMD execute daily and scan local cPanel accounts for possible malware.
Usage is fairly simple, to scan user's home directory or any other directory you would simply execute:
maldet -a /home/user
Any path is alright.
Please note that LMD runs great with ClamAV, if you'd like to install ClamAV on a cPanel based server, review this article.
Setting up e-mail alerts
LMD has an option to alert you each time it detects malware, please review these configuration variables inside /usr/local/maldetect/conf.maldet
| variable | value | description |
| email_alert | 1 or 0 | enable or disable e-mail alerts |
| email_addr | e-mail address | target e-mail for notifications, should be put in quotes like: "pawel@domain.com" |
Other configuration variables that you should look into:
| variable | value | description |
| quar_hits | number | if the number is different than 0, enables automatic quarantine |
| maxfilesize | size | makes LMD skip files larger than set size, for example "512k" (512 KB) |
Additional information
You can read the readme file online, which describes the application, here: http://www.rfxn.com/appdocs/README.maldetect
