How to install Linux Malware Detect (LMD), also known as Maldetect, on Debian 10 step by step, on Google Cloud or any other VPS. Let's get straight to it.
How to install Linux Malware Detect (LMD) or Maldetect on Debian 10 (VPS)
Log in as root for full access
su
then type your VPS root password
Change into the temporary directory
cd /tmp
then download the latest maldetect (LMD) release by typing:
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
extract the download by typing:
tar -xvf maldetect-current.tar.gz
You will see output roughly like this:
maldetect-1.6.4/files/clean/js.inject.VisitorTracker
maldetect-1.6.4/files/clean/gzbase64.inject.unclassed
maldetect-1.6.4/files/ignore_sigs
maldetect-1.6.4/files/conf.maldet
maldetect-1.6.4/files/ignore_inotify
maldetect-1.6.4/files/sigs/
maldetect-1.6.4/files/sigs/hex.dat
maldetect-1.6.4/files/sigs/rfxn.yara
maldetect-1.6.4/files/sigs/rfxn.ndb
maldetect-1.6.4/files/sigs/rfxn.hdb
maldetect-1.6.4/files/sigs/md5v2.dat
maldetect-1.6.4/files/sigs/maldet.sigs.ver
maldetect-1.6.4/files/sigs/md5.dat
maldetect-1.6.4/files/sigs/rfxn.yara.bk
maldetect-1.6.4/files/sigs/appver/
maldetect-1.6.4/files/sigs/appver/wordpress.ver
maldetect-1.6.4/files/monitor_paths
maldetect-1.6.4/CHANGELOG
maldetect-1.6.4/CHANGELOG.VARIABLES
maldetect-1.6.4/COPYING.GPL
maldetect-1.6.4/CHANGELOG.RELEASE
maldetect-1.6.4/cron.d.pub
maldetect-1.6.4/.ca.def
maldetect-1.6.4/install.sh
delete the downloaded tar.gz, which has already been extracted, to free up space. Type:
rm maldetect-current.tar.gz
change into the maldetect directory. Adjust the version to whatever the current one is:
cd maldetect-1.6.4
type this command to install:
bash ./install.sh
You will then see output like this:
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
imported config options from /usr/local/maldetect.last/conf.maldet
maldet(13793): {sigup} performing signature update check...
maldet(13793): {sigup} local signature set is version 201907043616
maldet(13793): {sigup} new signature set 2019081323971 available
maldet(13793): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
maldet(13793): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
maldet(13793): {sigup} verified md5sum of maldet-sigpack.tgz
maldet(13793): {sigup} unpacked and installed maldet-sigpack.tgz
maldet(13793): {sigup} verified md5sum of maldet-clean.tgz
maldet(13793): {sigup} unpacked and installed maldet-clean.tgz
maldet(13793): {sigup} signature set update completed
maldet(13793): {sigup} 15550 signatures (12738 MD5 | 2035 HEX | 777 YARA | 0 USER)
Next, edit conf.maldet
nano /usr/local/maldetect/conf.maldet
Set the values as follows:
scan_clamscan="1"
email_alert="1"
email_addr="[email protected]"
quarantine_hits="1"
quarantine_clean="1"
quarantine_suspend_user="0"
quarantine_suspend_user_minuid="1000"
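Instead of editing by hand, the settings above can be applied and sanity-checked with a script. This is an added example, not from the original post: it rewrites each key idempotently, and its check that quarantine_clean needs quarantine_hits="1" follows the comment in LMD's own conf.maldet. By default it works on a constructed copy of the file; set CONF=/usr/local/maldetect/conf.maldet to apply it for real.

```shell
#!/bin/sh
# Added example, not from the original post: apply the conf.maldet settings
# from this guide and sanity-check them. Uses a constructed copy unless CONF is set.
set -eu

# Print the unquoted value of key $2 from the conf.maldet-style file $1.
get_maldet_option() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '"'
}

# Set $2="$3" in file $1: rewrite an existing assignment or append a new one.
set_maldet_option() {
    if grep -q "^$2=" "$1"; then
        sed -i "s|^$2=.*|$2=\"$3\"|" "$1"
    else
        printf '%s="%s"\n' "$2" "$3" >> "$1"
    fi
}

# The seven settings from this guide; $2 is the alert address.
apply_guide_settings() {
    set_maldet_option "$1" scan_clamscan 1
    set_maldet_option "$1" email_alert 1
    set_maldet_option "$1" email_addr "$2"
    set_maldet_option "$1" quarantine_hits 1
    set_maldet_option "$1" quarantine_clean 1
    set_maldet_option "$1" quarantine_suspend_user 0
    set_maldet_option "$1" quarantine_suspend_user_minuid 1000
}

# Return 1 if alerts are enabled without an address, or if quarantine_clean
# is enabled without quarantine_hits (LMD only cleans files it quarantined).
check_maldet_conf() {
    [ "$(get_maldet_option "$1" email_alert)" = 1 ] &&
        [ -z "$(get_maldet_option "$1" email_addr)" ] && return 1
    [ "$(get_maldet_option "$1" quarantine_clean)" = 1 ] &&
        [ "$(get_maldet_option "$1" quarantine_hits)" != 1 ] && return 1
    return 0
}

# Constructed stand-in for a fresh conf.maldet, deliberately inconsistent.
make_sample_conf() {
    printf '%s\n' '# constructed sample' 'email_alert="1"' 'email_addr=""' \
        'quarantine_hits="0"' 'quarantine_clean="1"' > "$1"
}

CONF="${CONF:-$(mktemp)}"
make_sample_conf "$CONF"
check_maldet_conf "$CONF" || echo "sample conf is inconsistent (expected)"
apply_guide_settings "$CONF" "admin@example.com"
check_maldet_conf "$CONF" && echo "guide settings applied to $CONF"
```

Note that scan_clamscan="1" only engages the ClamAV engine if clamscan is installed on the box; otherwise LMD falls back to its own scanner.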
Change into the /usr/local/maldetect directory
cd /usr/local/maldetect
Create an alias for maldet
alias maldet=/usr/local/sbin/maldet
Type su - to log in as root. root's PATH includes /usr/local/sbin on many Linux distributions, including Debian.
su -
Install inotify-tools. For how to install inotify on other Linux distributions, see: github.com/rvoicilas/inotify-tools/wiki
apt-get install inotify-tools
You will see output like this:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libinotifytools0
The following NEW packages will be installed:
inotify-tools libinotifytools0
0 upgraded, 2 newly installed, 0 to remove and 5 not upgraded.
Need to get 44.3 kB of archives.
After this operation, 145 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://deb.debian.org/debian buster/main amd64 libinotifytools0 amd64 3.14-7 [18.7 kB]
Get:2 http://deb.debian.org/debian buster/main amd64 inotify-tools amd64 3.14-7 [25.5 kB]
Fetched 44.3 kB in 0s (2711 kB/s)
Selecting previously unselected package libinotifytools0:amd64.
(Reading database ... 43801 files and directories currently installed.)
Preparing to unpack .../libinotifytools0_3.14-7_amd64.deb ...
Unpacking libinotifytools0:amd64 (3.14-7) ...
Selecting previously unselected package inotify-tools.
Preparing to unpack .../inotify-tools_3.14-7_amd64.deb ...
Unpacking inotify-tools (3.14-7) ...
Setting up libinotifytools0:amd64 (3.14-7) ...
Setting up inotify-tools (3.14-7) ...
Processing triggers for libc-bin (2.28-10) ...
How to use maldet
Scanning a specific directory
maldet -a /path_yang_akan_anda_scan/
Wait for the scan to finish
For scanning in the background, which is ideal for large scans that take a long time, use maldet -b
maldet -b -r /path_yang_akan_anda_scan/
Update maldetect to the latest version:
maldet -d
To terminate the inotify monitoring service, use -k or --kill
maldet -k
Quarantine all hits from a scan by its SCANID
maldet --quarantine 081419-1234.2311159
View the latest scan report and send it by email
maldet --report SCANID [email protected]
View the latest scan report
maldet --report 081419-1234.2311159
Restore the files quarantined by a scan
maldet --restore 081419-1234.2311159
View the logs
maldet -l
Purge the logs
maldet -p
Stop the inotify monitor
killall inotifywait
That concludes this guide on installing Linux Malware Detect (LMD) or Maldetect on Debian 10 step by step, on Google Cloud or any other VPS.