How to install MALDET (Linux Malware Detect) on a cPanel Server
#1
Maldet is a malware detector and scanner for Linux-based servers, a project designed by R-fx Networks. It can be installed on shared hosting servers like cPanel/WHM and Linux Plesk servers, and it works along with the ClamAV tool.

Download & Install Maldet.

Code:
cd /usr/local/src
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzvf maldetect-current.tar.gz


Go to the maldetect directory and run the installer script 'install.sh' as root:


Code:
cd maldetect-1.5
./install.sh


Next, make a symlink to the maldet command in the /bin/ directory.


Code:
ln -s /usr/local/maldetect/maldet /bin/maldet
hash -r



Configure Maldet. Install the Nano editor if it's not installed (yum install nano).


Code:
cd /usr/local/maldetect/
nano conf.maldet


Enable email alert by changing the value to '1'.


Code:
email_alert="1"


Set your email address.


Code:
email_addr="root@24x7servermanagement.com"


We will use the ClamAV clamscan binary as the default scan engine because it provides a high-performance scan on large file sets. If it's not installed, you can install it using (yum -y install clamav clamav-devel), then update using the (freshclam) command.

Change value to '1' on line 114.


Code:
scan_clamscan="1"



Next, enable quarantining to move malware to the quarantine automatically during the scan process. Change value to '1' on line 180.


Code:
quarantine_hits="1"


Change the value to '1' on line 185 to enable cleaning of malware injections.


Code:
quarantine_clean="1"


Save and exit.


Use Real-Time Monitoring with Maldet for active monitoring.

The inotify monitoring feature is designed to monitor paths/users in real-time for file creation/modify/move operations. This option requires a kernel that supports inotify_watch (CONFIG_INOTIFY) which is found in kernels 2.6.13+ and CentOS/RHEL 5 by default.

There are three modes that the monitor can be executed with, and they relate to what will be monitored: USERS|PATHS|FILES.
       e.g: maldet --monitor users
       e.g: maldet --monitor /root/monitor_paths
       e.g: maldet --monitor /home/mike,/home/ashton
 
Reply
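A way to confirm that the conf.maldet edits from the first post actually took effect, as an added example that is not part of the original post or of the maldet project. The function names and the sample file are constructed for illustration; it assumes conf.maldet is read as shell-style assignments, so the last uncommented assignment of a key is the effective one.

```shell
#!/usr/bin/env bash
# Added example: audit conf.maldet for the settings changed in this guide.
# Function names and the sample data are assumptions of this example.

# Print the effective value of KEY in FILE: the last uncommented
# assignment wins, quotes and trailing comments are stripped.
conf_value() {
    local key="$1" file="$2"
    sed -n -E "s/^[[:space:]]*${key}=[\"']?([^\"'#[:space:]]*)[\"']?.*/\1/p" "$file" | tail -n 1
}

# Check the five settings from the guide. Prints one line per setting
# and returns the number of settings that are missing or wrong.
audit_maldet_conf() {
    local file="${1:-/usr/local/maldetect/conf.maldet}" key got bad=0
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 255; }
    for key in email_alert scan_clamscan quarantine_hits quarantine_clean; do
        got=$(conf_value "$key" "$file")
        if [ "$got" = "1" ]; then
            echo "OK    $key=1"
        else
            echo "FAIL  $key=${got:-<unset>} (expected 1)"
            bad=$((bad + 1))
        fi
    done
    got=$(conf_value email_addr "$file")
    case $got in
        *@*) echo "OK    email_addr=$got" ;;
        *)   echo "FAIL  email_addr=${got:-<unset>} (no recipient set)"
             bad=$((bad + 1)) ;;
    esac
    return "$bad"
}

# Constructed sample: quarantining is still off because only a
# commented-out line sets it to 1, and scan_clamscan is overridden later.
sample=$(mktemp)
cat > "$sample" <<'EOF'
email_alert="1"
email_addr="admin@example.com"
scan_clamscan="0"
scan_clamscan="1"   # last assignment wins
#quarantine_hits="1"
quarantine_hits="0"
quarantine_clean="1"
EOF
audit_maldet_conf "$sample" || echo "mismatches: $?"
rm -f "$sample"
```

On a real server, call `audit_maldet_conf` with no argument to check /usr/local/maldetect/conf.maldet after saving the file.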
#2
The article really helps. Thank you.
 
Reply