What is Linux Malware Detect (LMD)?

Posted on by Amy Myers | Updated:

Linux Malware Detect (LMD), also known as Maldet, is a free and open source malware scanner designed for shared Linux environments. It is developed and released under the GNU GPLv2 license. The environments LMD is used in have multiple tenants running different software on a single Linux distribution.

How Does Linux Malware Detect Work?

Linux Malware Detect detects malware with signatures, which it creates from threat data collected from network intrusion detection systems. It also allows users to submit any new data they might find on their systems via the LMD checkout feature. Aside from those sources, it derives threat data from other Linux community malware resources. The signatures are HEX pattern matches and MD5 file hashes, and they are also exported to other detection or antivirus software such as ClamAV.

LMD is configurable to scan the whole system, particular directories, or files modified within a defined period. After every scan, it provides a full scan report and an option to quarantine any infected files (malware hits), which prevents them from being accessed or from executing anything on the server.
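As an added example (not LMD's own code or signature data), the following Python shows how the two signature types described above behave when a directory is scanned: the MD5 hash only matches an exact copy of a known file, while the HEX pattern still matches an edited variant. The sample content, the marker string, the signature names and the function names are all constructed for this illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed, harmless sample and signature names; not real LMD signature data.
MARKER = b"CONSTRUCTED-TEST-MARKER"
KNOWN_SAMPLE = b"<?php /* " + MARKER + b" */ echo 'v1'; ?>"
MD5_SIGS = {hashlib.md5(KNOWN_SAMPLE).hexdigest(): "{MD5}constructed.sample.1"}
HEX_SIGS = {MARKER.hex(): "{HEX}constructed.marker.1"}


def match_signatures(data, md5_sigs=MD5_SIGS, hex_sigs=HEX_SIGS):
    """Return the names of all signatures that match the file content."""
    hits = []
    # MD5 stage: one hash plus a dictionary lookup, but it only catches exact copies.
    digest = hashlib.md5(data).hexdigest()
    if digest in md5_sigs:
        hits.append(md5_sigs[digest])
    # HEX stage: byte-pattern search, which still matches when the rest of the file changes.
    hits += [name for pat, name in hex_sigs.items() if bytes.fromhex(pat) in data]
    return hits


def scan_tree(root):
    """Walk root and map each matching file's relative path to its signature hits."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            hits = match_signatures(path.read_bytes())
            if hits:
                report[str(path.relative_to(root))] = hits
    return report


def demo():
    """Scan a temporary tree holding an exact copy, an edited variant and a clean file."""
    samples = {
        "exact.php": KNOWN_SAMPLE,
        "variant.php": KNOWN_SAMPLE.replace(b"v1", b"v2"),
        "clean.php": b"<?php echo 'hello'; ?>",
    }
    with tempfile.TemporaryDirectory() as root:
        for fname, content in samples.items():
            Path(root, fname).write_bytes(content)
        return scan_tree(root)


if __name__ == "__main__":
    print(demo())
```

The variant file evades the hash lookup but is still reported through the byte pattern, and the clean file produces no entry in the report.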

Why is Malware Scanning Important?

Linux installations are usually more secure than Microsoft Windows as there are considerably fewer viruses and other malware written for Linux. Though Linux and other Unix-like operating systems (OS) are considered well protected, they’re not immune to computer viruses.

Linux implements multi-user environments, which makes it harder to infect the whole system when it comes to web hosting. Linux operating systems are less susceptible to malware, but they can still be infected with viruses, worms, or trojans that go on to affect or infect Windows systems once downloaded onto them.

Therefore, even if malware won’t compromise your data, the vulnerability exists for users who might visit your infected website or receive an email sent from the URL. Keeping a website clean of any malware is important for all parties involved.

Linux Malware Detect Advantages

Here are a few advantages of using Linux Malware Detect. 

  • Free, open-source software.
  • Customizable to scan only relevant data or monitor changes.
  • Quick threat identification using MD5 file hash detection.
  • Identification of threat variants using HEX-based patterns.
  • Improved performance using the ClamAV integration.
  • Quarantine for malware hits without file modification.
  • Quarantine restore functionality to restore files to initial locations with original permissions and ownership.
  • Integration of the inotify API to scan for modified files.
  • Configurable to send emails after completed scans with a list of malware hits.
  • Uses multiple sources for malware data to create signatures.

Linux Malware Detect Disadvantages

Here are some of the disadvantages of using Linux Malware Detect.

  • Sometimes misses files containing malware.
  • Sometimes lists false positives.
  • Can be slightly resource-intensive and cause a brief server load spike when entering monitoring mode.

Top Threat Signatures Detected by Linux Malware Detect

These are the top threats detected by Linux Malware Detect, according to their GitHub page.

Wrapping Up

Cybercrime causes high costs to small and large businesses. It’s important to learn as much as possible about website malware and common security issues. More often than not, it’s more cost-effective to have a dedicated web development team monitoring your site using malware detection tools and secure, clean backups.

Liquid Web offers our customers add-on security services, including web application protection and server protection and remediation for Linux and Windows servers. Contact our sales team to discuss our managed hosting solutions today if you are not hosting with us.


About the Author: Amy Myers

Amy is a Linux support technician with Liquid Web and Nexcess, with expertise in customer service. She considers expanding upon and sharing knowledge as one of life's top priorities. She is an avid technology and art fan.
