Antivirus in CentOS 7

Running an antivirus on a Linux server is a good idea. With Linux Malware Detect (LMD) and ClamAV installed, you can keep your files and directories free of threats that may compromise the integrity of your information or your Linux server.

How to install an antivirus on CentOS

Installing LMD

Before installing LMD we must first install its dependencies. To install the Extra Packages for Enterprise Linux (EPEL) repository, open the terminal and execute the command:

sudo yum -y install epel-release

Once the installation is complete, we must install mailx. This piece of software is responsible for sending reports to your email address. To install mailx, return to your terminal window and issue the command:

sudo yum -y install mailx

Finally, inotify-tools must be installed for LMD to access the inotifywait command. From the terminal, issue the command:

sudo yum install inotify-tools

Now we are ready to install LMD. Back in the terminal, we first have to install wget to download the installation package. We execute the following commands:

yum install wget
cd /tmp
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xvzf maldetect-current.tar.gz

cd maldetect-XXX   # XXX is the version of the package that we have downloaded
./install.sh

We must create a symbolic link to the LMD executable with the following two commands:

ln -s /usr/local/maldetect/maldet /bin/maldet
hash -r

Configuring LMD

With LMD installed, it is time to change some configuration options in /usr/local/maldetect/conf.maldet. If you do not have a text editor yet, install nano or vim:

yum install nano
yum install vim

We edit the maldet configuration file with the editor of your choice:

nano /usr/local/maldetect/conf.maldet

In that file, you'll want to take care of the following. Enable the email alert by changing the value 0 to 1 on this line:

email_alert="0"

Add your email address (for notifications) here:

email_addr="your@domain.com"

We enable the ClamAV clamscan binary as the default scan engine by changing the 0 to 1 in this line:

scan_clamscan="0"

Note: This ClamAV option is probably already enabled.
We enable quarantine so that malware is automatically quarantined during the scanning process, by changing the '0' to '1' in this line:

quarantine_hits="0"

Finally, enable cleaning of string-based malware injections by changing the '0' to '1' in this line:

quarantine_clean="0"

We save and close the configuration file conf.maldet.
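
The same five changes can be applied without an editor. The script below is an added example, not part of LMD or of the original article: the function names set_maldet_opts and get_maldet_opt are hypothetical, and it assumes conf.maldet uses shell-style key="value" lines.

```shell
#!/usr/bin/env bash
# Added example: apply the conf.maldet settings from this section in one step.
# Assumption: options appear uncommented as key="value" (spaces around "=" tolerated).

set_maldet_opts() {
    local conf="$1" email="$2" key val
    [ -f "$conf" ] || { echo "missing config: $conf" >&2; return 2; }
    # Refuse addresses with characters that could break the quoted assignment.
    case "$email" in
        *[!A-Za-z0-9@._+-]*|"") echo "invalid email: $email" >&2; return 2 ;;
    esac
    cp -p "$conf" "$conf.bak" || return 2      # keep the original for rollback

    for key in email_alert scan_clamscan quarantine_hits quarantine_clean email_addr; do
        val=1
        [ "$key" = email_addr ] && val="$email"
        # A missing option is an error: restore the backup instead of guessing.
        if ! grep -Eq "^[[:space:]]*${key}[[:space:]]*=" "$conf"; then
            echo "option not found: $key" >&2
            cp -p "$conf.bak" "$conf"
            return 1
        fi
        # Rewrite the whole line, then copy back in place to keep file permissions.
        sed -E "s|^[[:space:]]*${key}[[:space:]]*=.*|${key}=\"${val}\"|" "$conf" > "$conf.tmp" \
            && cat "$conf.tmp" > "$conf" && rm -f "$conf.tmp"
    done
}

# Print the current value of one option (empty output if the option is absent).
get_maldet_opt() {
    sed -n -E "s|^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"?([^\"]*)\"?.*|\1|p" "$1" | tail -n 1
}

# Usage (as root):
#   set_maldet_opts /usr/local/maldetect/conf.maldet your@domain.com
#   get_maldet_opt  /usr/local/maldetect/conf.maldet quarantine_hits
```

The original file is kept as conf.maldet.bak, so the change can be reverted by copying it back.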

ClamAV installation

Now we go to the installation of ClamAV. From the terminal window, run the following command:

yum -y install clamav clamav-devel

The above command will also install a series of dependencies that will allow this installation process to complete.

Enable folder monitoring

Now that we know that the system is working, we have to configure folder monitoring, so you can depend on LMD to regularly monitor the folder(s) that contain the files on your server. Let's say you want to monitor /var/www/html and a specific folder that contains shared data (we'll call it /data). For LMD to monitor these two folders (multiple directories are separated by a comma), issue the following command:

maldet -m /var/www/html/,/data/

To carry out a complete analysis of the system we execute the following command:

maldet -a

To see more options of maldet we execute the following command:

maldet -h (or simply maldet)
