Linux Malware Detect (LMD), also known as Maldet, is a free and open source malware scanner designed for shared Linux environments. It is developed and released under the GNU GPLv2 license. The environments LMD is used in have multiple tenants running different software on a single Linux distribution.
How Does Linux Malware Detect Work?
Linux Malware Detect detects malware using signatures, which it creates from threat data collected from network intrusion detection systems. Users can also submit new data they find on their systems via the LMD checkout feature. Beyond those sources, it derives threat data from other Linux community malware resources. The signatures are HEX pattern matches and MD5 file hashes, which are also exported to other detection or antivirus software such as ClamAV.
LMD can be configured to scan the whole system, particular directories, or files modified within a defined period. After every scan, it provides a full scan report and the option to quarantine any infected files (malware hits), which prevents them from being accessed or from executing anything on the server.
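The two signature types described above behave differently on modified files. The following is an added example, not LMD's own code: the sample file, the signature names and the in-memory signature tables are constructed for illustration and do not reproduce LMD's signature files.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Constructed sample and signatures for illustration; not from LMD's signature set.
SAMPLE = b"<?php /* constructed test file */ demo_marker_7f3a(); ?>\n"
MD5_SIGS = {hashlib.md5(SAMPLE).hexdigest(): "{MD5}example.sample.1"}
HEX_SIGS = {b"demo_marker_7f3a".hex(): "{HEX}example.marker.1"}

def scan_file(path):
    """Return the name of the first matching signature, or None if clean."""
    data = Path(path).read_bytes()
    # Stage 1: whole-file hash. Cheap lookup, but one changed byte defeats it.
    digest = hashlib.md5(data).hexdigest()
    if digest in MD5_SIGS:
        return MD5_SIGS[digest]
    # Stage 2: byte pattern. Decode the hex signature and search the raw bytes,
    # so a match can never start in the middle of a byte.
    for pattern, name in HEX_SIGS.items():
        if bytes.fromhex(pattern) in data:
            return name
    return None

def scan_tree(root):
    """Scan every regular file under root; return {relative_path: signature}."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            if sig := scan_file(full):
                hits[os.path.relpath(full, root)] = sig
    return hits

def demo():
    """Build a throwaway tree with an exact copy, a variant and a clean file."""
    with tempfile.TemporaryDirectory() as root:
        files = {
            "exact.php": SAMPLE,
            "variant.php": SAMPLE.replace(b"constructed", b"reworded"),
            "clean.php": b"<?php echo 'hello'; ?>\n",
        }
        for name, body in files.items():
            Path(root, name).write_bytes(body)
        return scan_tree(root)

if __name__ == "__main__":
    print(demo())
```

The exact copy is caught by its MD5 hash, while the reworded variant has a different hash and is caught only by the HEX pattern.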
Why is Malware Scanning Important?
Linux installations are usually more secure than Microsoft Windows, as considerably fewer viruses and other malware are written for Linux. Though Linux and other Unix-like operating systems (OS) are considered well protected, they're not immune to computer viruses.
In web hosting, Linux's multi-user environments make it harder to infect the whole system. Linux operating systems are less susceptible to malware, but they can still carry viruses, worms, or trojans that affect or infect Windows systems once downloaded onto them.
Therefore, even if malware won't compromise your own data, the risk remains for users who visit your infected website or receive an email sent from the URL. Keeping a website clean of any malware is important for all parties involved.
Linux Malware Detect Advantages
Here are a few advantages of using Linux Malware Detect.
- Free, open-source software.
- Customizable to scan only relevant data or monitor changes.
- Quick threat identification using MD5 file hash detection.
- Identification of threat variants using the HEX-based patterns.
- Improved performance using the ClamAV integration.
- Quarantine for malware hits without file modification.
- Quarantine restore functionality to restore files to initial locations with original permissions and ownership.
- Integration of the inotify API to scan for modified files.
- Configurable to send emails after completed scans with a list of malware hits.
- Uses multiple sources for malware data to create signatures.
Linux Malware Detect Disadvantages
Here are some of the disadvantages of using Linux Malware Detect.
- Sometimes misses files containing malware.
- Sometimes lists false positives.
- Can be slightly resource-intensive and cause a brief server load spike when entering monitoring mode.
Top Threat Signatures Detected by Linux Malware Detect
These are the top threats detected by Linux Malware Detect, according to the project's GitHub page.
Cybercrime causes high costs to small and large businesses. It’s important to learn as much as possible about website malware and common security issues. More often than not, it’s more cost-effective to have a dedicated web development team monitoring your site using malware detection tools and secure, clean backups.