
03 Apr

Installing and configuring Linux Malware Detect

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, designed around the threats faced in shared hosting or VPS environments. Malware Detect is very easy to install on CentOS, regardless of the control panel you use (cPanel/WHM, DirectAdmin, etc.). It can be installed on shared hosting servers such as cPanel WHM and Linux Plesk servers.

Users often fail to update their applications (e.g. WordPress, Joomla) to the latest version, or they simply run insecure applications. Failing to address this can mean that malware such as PHP backdoors and mass-mailing/spam tools can be uploaded.

LMD Installation Steps

# cd /usr/local/src
# wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
# tar -zxvf maldetect-current.tar.gz
# cd maldetect-1.6.*
# ./install.sh

LMD Configuration Steps

Open the configuration file /usr/local/maldetect/conf.maldet and review the following options:

# nano /usr/local/maldetect/conf.maldet

# [ EMAIL ALERTS ]
##
# The default email alert toggle
# [0 = disabled, 1 = enabled]
email_alert=1

# The subject line for email alerts
email_subj="maldet alert from $(hostname)"

# The destination addresses for email alerts
# [ values are comma (,) spaced ]
email_addr="youremail@yourdomain.com"

# Ignore e-mail alerts for reports in which all hits have been cleaned.
# This is ideal on very busy servers where cleaned hits can drown out
# other more actionable reports.
email_ignore_clean=0

##
# [ QUARANTINE OPTIONS ]
##
# The default quarantine action for malware hits
# [0 = alert only, 1 = move to quarantine & alert]
quar_hits=1

# Try to clean string based malware injections
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = clean]
quar_clean=1

# The default suspend action for users wih hits
# Cpanel suspend or set shell /bin/false on non-Cpanel
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = suspend account]
quar_susp=0
# minimum userid that can be suspended
quar_susp_minuid=500
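
The option notes above state that quar_clean and quar_susp only take effect with quar_hits=1, and the sample ships with a placeholder alert address. The following script is an added example (not part of LMD or the original post) that checks a conf.maldet for those conditions; the function names conf_get and audit_maldet_conf and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example (not part of LMD): audit conf.maldet option dependencies.

# Print KEY's value from a KEY=VALUE file: last assignment wins, quotes stripped.
# The file is parsed as text, never sourced, so $(hostname) in email_subj is not executed.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# Print one WARN line per problem; return 0 only if none are found.
audit_maldet_conf() {
    conf=$1
    issues=0
    warn() { echo "WARN: $*"; issues=$((issues + 1)); }
    [ -r "$conf" ] || { echo "WARN: cannot read $conf"; return 2; }

    email_alert=$(conf_get "$conf" email_alert)
    email_addr=$(conf_get "$conf" email_addr)
    quar_hits=$(conf_get "$conf" quar_hits)
    quar_clean=$(conf_get "$conf" quar_clean)
    quar_susp=$(conf_get "$conf" quar_susp)

    if [ "$email_alert" = 1 ]; then
        case $email_addr in
            ""|youremail@yourdomain.com) warn "email_alert=1 but email_addr is empty or still the placeholder" ;;
        esac
    fi
    [ "$quar_clean" = 1 ] && [ "$quar_hits" != 1 ] && warn "quar_clean=1 requires quar_hits=1"
    [ "$quar_susp" = 1 ] && [ "$quar_hits" != 1 ] && warn "quar_susp=1 requires quar_hits=1"
    [ "$email_alert" != 1 ] && [ "$quar_hits" != 1 ] && warn "hits are neither e-mailed nor quarantined"

    [ "$issues" -eq 0 ]
}

# Constructed sample: cleaning enabled but quarantine off, placeholder address left in place.
sample=$(mktemp)
cat > "$sample" <<'EOF'
email_alert=1
email_subj="maldet alert from $(hostname)"
email_addr="youremail@yourdomain.com"
quar_hits=0
quar_clean=1
quar_susp=0
EOF
audit_maldet_conf "$sample" || echo "constructed sample has findings"
rm -f "$sample"
```

On a server, run audit_maldet_conf /usr/local/maldetect/conf.maldet after editing; a non-zero exit status means at least one warning was printed.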

How to Scan for Malware

# Update the malware signatures
# maldet -u

# Update the installed LMD version
# maldet -d

# Scan a specific user's home directory
# maldet -a /home/username/
