Linux Malware Detect

From Wikipedia, the free encyclopedia
[Screenshot: output of a sample run of LMD]
Stable release: 1.6.4 / March 18, 2019
Operating system: Linux
Type: Linux malware detector
License: GNU GPL v2
Website: www.rfxn.com/projects/linux-malware-detect/

Linux Malware Detect, abbreviated as LMD or maldet, is a software package that looks for malware on Linux systems and reports on it.[1]

Details

Linux is more secure than Microsoft Windows[2] and there are considerably fewer computer viruses and other malware written for it.[3] Whereas there are many malware detection software packages like virus scanners for Windows, there are relatively few for Linux.[4][5]

To protect Linux systems against vulnerabilities, various software packages are available, such as rootkit detectors like Rootkit Hunter and chkrootkit, and auditing systems like Lynis. Malware detection software such as LMD and ClamAV improves the security of systems by scanning them against the signatures of thousands of instances of known malware.

For malware signatures, LMD uses various sources such as the signatures database of ClamAV and the of .[6][7] Besides such third party signature databases, it also maintains its own database of signatures.

If a ClamAV scanner engine is already available on a system, LMD will use this for its scanner engine. This will normally give better performance than its built-in scanner engine.[1]

LMD can quarantine malware, and it can clean software that contains malicious code.[8]

The executable command of LMD is maldet. Typical command invocations are maldet -d, to check for a newer version of LMD; maldet -u, to check for malware signature updates; and maldet -a, to scan the file system of the server on which LMD resides. Checking for malware signature updates is typically done in an automated manner. Besides periodic scans, real-time monitoring is also supported with the --monitor command-line argument; LMD can monitor users, paths and files in this way.[8]
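As an added illustration of the automated update-and-scan routine described above (this script is not part of LMD and is not from the page's sources), the following cron-style wrapper refreshes signatures with maldet -u at most once per interval and then runs maldet -a over each configured path. The state-file and log-file names (MALDET_STATE, MALDET_LOG) and the interval variable are assumptions of this example; the page does not document maldet's exit codes, so a non-zero exit is treated only as "the run did not complete".

```shell
#!/bin/sh
# Scheduled LMD cycle: refresh signatures when stale, then scan each path.
# MALDET_STATE, MALDET_LOG and UPDATE_INTERVAL_H are names chosen for this
# example, not settings of LMD itself.
MALDET_STATE="${MALDET_STATE:-/var/tmp/maldet-sigs.stamp}"
MALDET_LOG="${MALDET_LOG:-/var/log/maldet-cron.log}"
UPDATE_INTERVAL_H="${UPDATE_INTERVAL_H:-24}"

log() { printf '%s %s\n' "$(date '+%Y-%m-%dT%H:%M:%S')" "$*" >>"$MALDET_LOG"; }

# True (0) when the stamp file is missing or older than UPDATE_INTERVAL_H hours.
sigs_stale() {
    [ -f "$MALDET_STATE" ] || return 0
    now=$(date +%s)
    last=$(cat "$MALDET_STATE" 2>/dev/null || echo 0)
    [ $(( now - last )) -ge $(( UPDATE_INTERVAL_H * 3600 )) ]
}

# Run "maldet -u" only when the signatures are stale; stamp the time on success.
update_sigs() {
    if sigs_stale; then
        if maldet -u >>"$MALDET_LOG" 2>&1; then
            date +%s >"$MALDET_STATE"
            log "signature update ok"
        else
            log "signature update FAILED"
            return 1
        fi
    else
        log "signatures fresh, skipping update"
    fi
}

# Run "maldet -a" on every path given; return the number of runs that failed.
scan_paths() {
    failed=0
    for p in "$@"; do
        if maldet -a "$p" >>"$MALDET_LOG" 2>&1; then
            log "scan ok: $p"
        else
            log "scan FAILED: $p"
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}

# Full cycle: abort the scan if the signature update itself failed.
run_cycle() {
    update_sigs || return 1
    scan_paths "$@"
}
```

A cron entry such as `0 3 * * * /usr/local/sbin/maldet-cycle.sh /home /var/www` (path chosen for this example) would run the cycle nightly; findings are reported by maldet in its own output, which this wrapper only appends to the log.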

Linux Malware Detect is one of the objectives for the LPI 303 certification.[9]

References

  1. Tevault, Donald A. (January 2018). Mastering Linux Security and Hardening. Packt Publishing. ISBN 9781788620307.
  2. Taylor, Dave. "Why Linux is better than Windows or macOS for security". Computerworld. Retrieved 2020-05-27.
  3. "Linux vs. Windows Viruses". www.theregister.co.uk. Retrieved 2020-05-27.
  4. Granneman, Scott (October 2003). "Linux vs. Windows Viruses". Retrieved 2008-03-06.
  5. Yeargin, Ray (July 2005). "The short life and hard times of a linux virus". Archived from the original on 1 May 2008. Retrieved 2015-12-06.
  6. Binnie, Chris (2016). Linux Server Security, Chapter 8 "Malware Detection". John Wiley & Sons. ISBN 9781119277651.
  7. Team Cymru. "Malware Hash Registry - Team Cymru". www.team-cymru.com. Retrieved 19 May 2018.
  8. "Linux Malware Detect - R-fx Networks". www.rfxn.com. Retrieved 19 May 2018.
  9. "Exam 303 Objectives". lpi.org. 31 August 2016. Retrieved 19 May 2018.
