Installation

Log in with ssh/PuTTY as root

Go to your tmp folder, or create a folder of your own, where you want to download the package for installation:

cd /tmp

Then run the following command to download the compressed file:

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Extract the downloaded package:

tar xfz maldetect-current.tar.gz

Go to the extracted directory:

cd maldetect-*

Check that the installation script install.sh has execute permission. If it does not, set it with the following command:

chmod +x install.sh

Run the installation script:

./install.sh

You will get output similar to the following:

Linux Malware Detect v1.4.1
            (C) 2002-2011, R-fx Networks 
            (C) 2011, Ryan MacDonald 
inotifywait (C) 2007, Rohan McGovern 
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
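The download, extract, chmod and install steps above, wrapped in shell functions that check each step instead of assuming it worked. This is an added example, not a script from the article or from the LMD project; it assumes the download URL and the installation paths printed above, and the sample tarball used to exercise it is constructed.

```bash
#!/bin/sh
# Added example (not from the original article or the LMD project): the install
# steps wrapped in functions that verify each step before moving on.
set -e

# Download URL from the article.
LMD_URL="http://www.rfxn.com/downloads/maldetect-current.tar.gz"

# Step 1: download the tarball into WORKDIR (needs network access).
download_lmd() {
    workdir="$1"
    wget -q -O "$workdir/maldetect-current.tar.gz" "$LMD_URL"
    [ -s "$workdir/maldetect-current.tar.gz" ] || { echo "download failed" >&2; return 1; }
    echo "$workdir/maldetect-current.tar.gz"
}

# Step 2: list the archive before extracting it (catches a truncated download or an
# HTML error page saved as .tar.gz), extract it, and make install.sh executable.
# Prints the extracted maldetect-* directory.
extract_lmd() {
    tarball="$1"
    workdir=$(dirname "$tarball")
    tar tzf "$tarball" >/dev/null 2>&1 || { echo "not a valid gzip tarball: $tarball" >&2; return 1; }
    tar xzf "$tarball" -C "$workdir"
    srcdir=$(find "$workdir" -maxdepth 1 -type d -name 'maldetect-*' | head -n 1)
    [ -n "$srcdir" ] || { echo "no maldetect-* directory after extraction" >&2; return 1; }
    [ -f "$srcdir/install.sh" ] || { echo "install.sh missing in $srcdir" >&2; return 1; }
    chmod +x "$srcdir/install.sh"
    echo "$srcdir"
}

# Step 3: run the installer from inside its own directory (the article logs in as
# root first; the installer writes under /usr/local).
run_lmd_installer() {
    srcdir="$1"
    (cd "$srcdir" && ./install.sh)
}

# Step 4: confirm the files the installer reports it created.
verify_lmd_install() {
    prefix="${1:-/usr/local/maldetect}"
    for f in "$prefix/conf.maldet" "$prefix/maldet" /etc/cron.daily/maldet; do
        [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
    done
    echo "ok"
}

# Full run (uncomment on a real server):
# tb=$(download_lmd /tmp) && src=$(extract_lmd "$tb") && run_lmd_installer "$src" && verify_lmd_install
```

Running the full chain on a real server is the last commented line; each function returns non-zero on the first failed check so that a broken download does not silently lead to running a half-extracted installer.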

Now configure LMD according to your needs.

Edit the configuration file:

nano /usr/local/maldetect/conf.maldet

You will find the following options in this file:

  • email_alert: If you would like to receive email alerts, then it should be set to 1.
  • email_subj: Set your email subject here.
  • email_addr: Add your email address to receive malware alerts.
  • quar_hits: The default quarantine action for malware hits; it should be set to 1.
  • quar_clean: Cleaning of detected malware injections; must be set to 1.
  • quar_susp: The default suspend action for users with hits; set it as per your requirements.
  • quar_susp_minuid: Minimum user id that can be suspended.

By default the file contains something like the following:

# [ EMAIL ALERTS ]
##
# The default email alert toggle
# [0 = disabled, 1 = enabled]
email_alert=1

# The subject line for email alerts
email_subj="maldet alert from $(hostname)"

# The destination addresses for email alerts
# [ values are comma (,) spaced ]
email_addr="tecmint.com@gmail.com"

# Ignore e-mail alerts for reports in which all hits have been cleaned.
# This is ideal on very busy servers where cleaned hits can drown out
# other more actionable reports.
email_ignore_clean=0

##
# [ QUARANTINE OPTIONS ]
##
# The default quarantine action for malware hits
# [0 = alert only, 1 = move to quarantine & alert]
quar_hits=1

# Try to clean string based malware injections
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = clean]
quar_clean=1

# The default suspend action for users wih hits
# Cpanel suspend or set shell /bin/false on non-Cpanel
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = suspend account]
quar_susp=0
# minimum userid that can be suspended
quar_susp_minuid=500
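The same settings applied from a script rather than by hand in nano, with a check for the dependency the config comments state (quar_clean and quar_susp require quar_hits=1). This is an added example, not code from the article or from LMD; it assumes the key=value line format shown above, and the conf.maldet excerpt it works on is constructed for the demonstration.

```bash
#!/bin/sh
# Added example (not from the original article or the LMD project): set the
# options described above without hand-editing, then verify them.
set -e

# Replace the value of KEY in FILE, keeping surrounding comments intact;
# append the key if the file does not contain it yet.
set_maldet_option() {
    file="$1"; key="$2"; value="$3"
    if grep -q "^${key}=" "$file"; then
        # '|' as the sed delimiter keeps values containing '/' (paths) safe
        sed -i.bak "s|^${key}=.*|${key}=${value}|" "$file" && rm -f "$file.bak"
    else
        printf '%s=%s\n' "$key" "$value" >> "$file"
    fi
}

# Print the current value of KEY in FILE with surrounding double quotes stripped.
get_maldet_option() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# The config comments say quar_clean=1 and quar_susp=1 need quar_hits=1;
# report and fail if that is not the case.
check_maldet_quarantine() {
    file="$1"
    hits=$(get_maldet_option "$file" quar_hits)
    clean=$(get_maldet_option "$file" quar_clean)
    susp=$(get_maldet_option "$file" quar_susp)
    if [ "$hits" != "1" ] && { [ "$clean" = "1" ] || [ "$susp" = "1" ]; }; then
        echo "quar_clean/quar_susp require quar_hits=1 (quar_hits is '$hits')" >&2
        return 1
    fi
    echo "quarantine settings consistent"
}

# Constructed excerpt of conf.maldet used for the demonstration (not a real file).
make_sample_conf() {
    cat > "$1" <<'EOF'
# [ EMAIL ALERTS ]
email_alert=0
email_subj="maldet alert from $(hostname)"
email_addr="you@domain.com"
# [ QUARANTINE OPTIONS ]
quar_hits=0
quar_clean=1
quar_susp=0
quar_susp_minuid=500
EOF
}

# Apply the values the article recommends (address is a placeholder).
configure_lmd() {
    conf="$1"
    set_maldet_option "$conf" email_alert 1
    set_maldet_option "$conf" email_addr '"admin@example.com"'
    set_maldet_option "$conf" quar_hits 1
    set_maldet_option "$conf" quar_clean 1
    set_maldet_option "$conf" quar_susp 0
    set_maldet_option "$conf" quar_susp_minuid 500
    check_maldet_quarantine "$conf"
}

# On a real server: configure_lmd /usr/local/maldetect/conf.maldet
```

The sample excerpt deliberately starts with quar_hits=0 and quar_clean=1, the inconsistent combination the config comments warn about; check_maldet_quarantine fails on it and passes once configure_lmd has applied the recommended values.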

Done. Now, you'll need to run our license installer script to activate the "LMD" on your server!
