Install ClamAV + Maldet on CentOS 7
https://www.justinsilver.com/technology/linux/install-clamav-maldet-centos-7/
Justin Silver, Fri, 19 Aug 2016 05:57:19 +0000

The post Install ClamAV + Maldet on CentOS 7 appeared first on Justin Silver.


A quick guide for installing ClamAV and Maldet on CentOS 7 for malware scanning and quarantining.

Install ClamAV and Maldet

Using the ClamAV malware library will speed up the scans performed by Maldet.

You will need to install Maldet from source, which can be downloaded from rfxn.net.

Use the sed commands below to edit values in the /usr/local/maldetect/conf.maldet configuration file.

  • email_alert="1": Send notifications via email when the cron job runs
  • email_addr="YOUR_EMAIL@HOSTNAME": The email address notifications should be sent to
  • email_subj="Malware alerts for $HOSTNAME - $(date +%Y-%m-%d)": The email subject for notifications
  • quarantine_hits="1": Move the malware to quarantine.
  • quarantine_clean="1": Delete any malware detected.

#!/bin/bash

# make sure MALDET_EMAIL is set; prompt for it if not
if [[ -z $MALDET_EMAIL ]]; then
  read -e -p "Please enter a notification email: " MALDET_EMAIL
fi
if [[ -z $MALDET_EMAIL ]]; then
  echo "No notification email given, aborting." >&2
  exit 1
fi

# on CentOS 7 the clamav package comes from EPEL
yum install -y epel-release wget perl
yum install -y clamav

# fetch the Maldet source over HTTPS; -f makes curl fail on an HTTP error
# instead of saving the error page as the tarball
cd /usr/local/src || exit 1
curl -fsSL https://www.rfxn.com/downloads/maldetect-current.tar.gz -o maldetect-current.tar.gz || exit 1
tar -xzf maldetect-current.tar.gz
# the trailing slash matches only the extracted directory, not the tarball
cd maldetect-*/ || exit 1
./install.sh
maldet --update-sigs --update-ver

# set the notification address by key, whatever placeholder the file ships with
sed -i "s|^email_addr=.*|email_addr=\"${MALDET_EMAIL}\"|" /usr/local/maldetect/conf.maldet
# use the ClamAV engine for scans, send alerts, and quarantine hits
sed -i 's|^scan_clamscan="0"|scan_clamscan="1"|' /usr/local/maldetect/conf.maldet
sed -i 's|^email_alert="0"|email_alert="1"|' /usr/local/maldetect/conf.maldet
sed -i 's|^quarantine_hits="0"|quarantine_hits="1"|' /usr/local/maldetect/conf.maldet
sed -i 's|^quarantine_clean="0"|quarantine_clean="1"|' /usr/local/maldetect/conf.maldet
# add email subject if it doesn't exist
grep -q email_subj /usr/local/maldetect/conf.maldet || echo 'email_subj="Malware alerts for $HOSTNAME - $(date +%Y-%m-%d)"' >> /usr/local/maldetect/conf.maldet
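
The sed edits above exit successfully even when their pattern matches nothing, so a setting can stay at its old value without any error. The following check is an added example, not part of the original post or of Maldet; the function names conf_value and check_maldet_conf and the sample file contents are assumptions made for illustration.

```bash
#!/bin/bash
# Added example: confirm conf.maldet ended up with the intended settings.
# sed exits 0 even when its pattern matches nothing, so a different default
# in conf.maldet would leave a setting untouched without any error.

# Print the value of KEY ($1) from FILE ($2); last assignment wins, quotes stripped.
conf_value() (
  sed -n "s/^$1=\"\(.*\)\"[[:space:]]*\$/\1/p" "$2" | tail -n 1
)

# Compare FILE ($1) against the values the install script sets, using EMAIL ($2).
# Prints one line per mismatch; returns 1 if any setting differs.
check_maldet_conf() (
  file="$1" email="$2" failed=0
  while read -r key want; do
    got="$(conf_value "$key" "$file")"
    if [ "$got" != "$want" ]; then
      echo "MISMATCH $key: want \"$want\", found \"${got:-<unset>}\""
      failed=1
    fi
  done <<EOF
scan_clamscan 1
email_alert 1
quarantine_hits 1
quarantine_clean 1
email_addr $email
EOF
  return "$failed"
)

# Demo on a constructed sample (not a real conf.maldet): two edits did not apply.
demo_conf="$(mktemp)"
cat > "$demo_conf" <<'EOF'
email_alert="1"
email_addr="placeholder@example.invalid"
scan_clamscan="1"
quarantine_hits="1"
quarantine_clean="0"
EOF
check_maldet_conf "$demo_conf" "admin@example.com" || echo "conf.maldet needs attention"
rm -f "$demo_conf"
```

On a real host, call check_maldet_conf /usr/local/maldetect/conf.maldet "$MALDET_EMAIL" at the end of the install script and treat a non-zero return as a failed install.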

Your system should now perform a daily scan via a cron job. You can also scan manually from the command line by specifying the directory to check for malware, or you can use the root directory to scan the entire filesystem.

maldet --scan-all /path/to/scan
