Any Linux shared hosting environment faces potential threats, and taking preventive steps to secure your server is always a must. In this article, we introduce a useful tool that scans for malware, worms, trojans and rootkits: the Linux Malware Detect (LMD) malware scanner.
Maldetect is an open-source malware scanner that uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
Its configuration files offer many customization options, such as email alerts, quarantine options, live folder monitoring, and more.
Linux Malware Detect focuses on the known threats that are constantly thrown at the most used web applications, such as WordPress, phpBB, Joomla, vBulletin, etc.
A daily cron job automatically updates the malware definition/signature files. Maldet can run as a daemon for live monitoring, and if inotify-based real-time monitoring is enabled, the daily cron job also scans recently updated/created files for malware.
Every scan is assigned a unique ID, which is used to pull up the full report of the scan results. Running maldet inside "screen" is recommended for extensive scans.
Extract the Maldetect archive
tar -xzvf maldetect-current.tar.gz
Scan all users' web folders on a cPanel server
maldet -a /home/?/public_html/
Review a malware scan report
maldet --report REPORT_ID
Monitor specific folders
maldet -m /tmp,/home/users
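Because every scan gets its own ID, an unattended scan (from cron or a detached "screen" session) has to capture that ID to reach the report afterwards. The shell functions below are an added example, not part of the original article or of the LMD project; the layout of the two summary lines and the helper names extract_report_id, extract_hits and scan_and_report are assumptions, so compare the sample against the output of your installed version.

```shell
#!/bin/sh
# Added example: pull the scan ID and hit count out of maldet's scan output.
# Assumption: the summary lines look like the constructed sample below.

# Constructed sample output (not taken from a real scan).
SAMPLE_OUTPUT='maldet(24128): {scan} scan completed on /home/?/public_html: files 4821, malware hits 2, cleaned hits 0, time 63s
maldet(24128): {scan} scan report saved, to view run: maldet --report 240315-0930.24128'

# Print the report ID found in scan output read from stdin (empty if none).
extract_report_id() {
    sed -n 's/.*maldet --report \([0-9][0-9]*-[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | tail -n 1
}

# Print the number of malware hits found in scan output read from stdin.
extract_hits() {
    sed -n 's/.*malware hits \([0-9][0-9]*\).*/\1/p' | tail -n 1
}

# Hypothetical wrapper: scan a path, then open the report only if there were hits.
# Returns 0 for a clean scan, 1 when hits were reported, 2 when no ID was found.
scan_and_report() {
    out=$(maldet -a "$1" 2>&1) || true
    id=$(printf '%s\n' "$out" | extract_report_id)
    hits=$(printf '%s\n' "$out" | extract_hits)
    if [ -z "$id" ]; then
        echo "no report ID found in maldet output" >&2
        return 2
    fi
    echo "scan $id: ${hits:-unknown} hit(s)"
    if [ "${hits:-0}" -eq 0 ]; then
        return 0
    fi
    maldet --report "$id"
    return 1
}
```

The non-zero return codes let a cron wrapper or monitoring check tell a clean scan apart from one with hits or from a scan whose output could not be parsed.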