ClamAV is the best malicious scanning tool which comes with Cpanel/ WHM on Linux server.
You can use following steps to install and scan Clam AV.
Login your WHM >>> find the option "Manage Plugins >>> select Clam AV >>> install.
Once it is install then login your Linux server via SSH and create a directory under /home using following command.
cd /home; mkdir clamscan-infectedfiles
And then use following command to scan the Clam AV.
clamscan --exclude mail --exclude clamscan-infectedfiles -ri [a-z]* --move=clamscan-infectedfiles
Once the scanning process is completed then you will get the complete scanning report in following format.
==============================
----------- SCAN SUMMARY -----------
Known viruses:
Engine version:
Scanned directories:
Scanned files:
Infected files: 0
Data scanned: MB
Data read: MB (ratio 0.89:1)
Time: 000.000 sec (10 m 21 s)
=====================================
Saturday, February 9, 2013
Maldet - Linux Malware Detect (LMD)
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments.
cd /usr/local/src
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzvf maldetect-current.tar.gz
cd maldetect-*
sh install.sh
cd ..
rm -Rf maldetect-current.tar.gz
echo "Linux Malware Detect has been installed!"
To run the maldet
>maldet -a /
cd /usr/local/src
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzvf maldetect-current.tar.gz
cd maldetect-*
sh install.sh
cd ..
rm -Rf maldetect-current.tar.gz
echo "Linux Malware Detect has been installed!"
To run the maldet
>maldet -a /
RootKit Hunter – A tool which scans for backdoors and malicious softwares present in the server.
Rkhunter (Rootkit Hunter) is an open source Unix/Linux based scanner tool for Linux systems released under GPL that scans backdoors, rootkits and local exploits on your systems. It scans hidden files, wrong permissions set on binaries, suspicious strings in kernel etc. To know more about Rkhunter and its features visit http://www.rootkit.nl/.
Installation
cd /usr/local/src
wget https://dl.dropbox.com/s/i5sd0ljp6pejhn6/rkhunter-1.4.0.tar.gz
wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz
tar -xzvf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./installer.sh --install
rkhunter --check
echo "Rkhunter successfully installed!"
log : /var/log/rkhunter.log
To update it
=========
rkhunter --update
rkhunter --propupd
=========
set crontab to scan and email the report
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)' your@email.com
Installation
cd /usr/local/src
wget https://dl.dropbox.com/s/i5sd0ljp6pejhn6/rkhunter-1.4.0.tar.gz
wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz
tar -xzvf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./installer.sh --install
rkhunter --check
echo "Rkhunter successfully installed!"
log : /var/log/rkhunter.log
To update it
=========
rkhunter --update
rkhunter --propupd
=========
set crontab to scan and email the report
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)' your@email.com
Subscribe to:
Posts (Atom)