[<\/span>root@<\/span>vps maldetect-<\/span>1.<\/span>4.<\/span>2]<\/span># sh .\/install.sh\n<\/span>Linux Malware Detect v1.<\/span>4.<\/span>2\n(<\/span>C)<\/span> 2002-<\/span>2013,<\/span> R-<\/span>fx Networks <<\/span>proj@<\/span>r-<\/span>fx.<\/span>org><\/span>\n(<\/span>C)<\/span> 2013,<\/span> Ryan MacDonald <<\/span>ryan@<\/span>r-<\/span>fx.<\/span>org><\/span>\ninotifywait (<\/span>C)<\/span> 2007,<\/span> Rohan McGovern <<\/span>rohan@<\/span>mcgovern.<\/span>id.<\/span>au><\/span>\nThis program may be freely redistributed under the terms of the GNU GPL v2\n \ncould not find required binary od,<\/span> aborting.<\/span>\nLinux Malware Detect v1.<\/span>4.<\/span>2\n(<\/span>C)<\/span> 2002-<\/span>2013,<\/span> R-<\/span>fx Networks <<\/span>proj@<\/span>r-<\/span>fx.<\/span>org><\/span>\n(<\/span>C)<\/span> 2013,<\/span> Ryan MacDonald <<\/span>ryan@<\/span>r-<\/span>fx.<\/span>org><\/span>\ninotifywait (<\/span>C)<\/span> 2007,<\/span> Rohan McGovern <<\/span>rohan@<\/span>mcgovern.<\/span>id.<\/span>au><\/span>\nThis program may be freely redistributed under the terms of the GNU GPL v2\n \ncould not find required binary od,<\/span> aborting.<\/span>\nLinux Malware Detect v1.<\/span>4.<\/span>2\n(<\/span>C)<\/span> 2002-<\/span>2013,<\/span> R-<\/span>fx Networks <<\/span>proj@<\/span>r-<\/span>fx.<\/span>org><\/span>\n(<\/span>C)<\/span> 2013,<\/span> Ryan MacDonald <<\/span>ryan@<\/span>r-<\/span>fx.<\/span>org><\/span>\ninotifywait (<\/span>C)<\/span> 2007,<\/span> Rohan McGovern <<\/span>rohan@<\/span>mcgovern.<\/span>id.<\/span>au><\/span>\nThis program may be freely redistributed under the terms of the GNU GPL\n \ninstallation completed to \/<\/span>usr\/<\/span>local\/<\/span>maldetect\nconfig file<\/span><\/a>:<\/span> \/<\/span>usr\/<\/span>local\/<\/span>maldetect\/<\/span>conf.<\/span>maldet\nexec<\/span><\/a> file<\/span><\/a>:<\/span> \/<\/span>usr\/<\/span>local\/<\/span>maldetect\/<\/span>maldet\nexec<\/span><\/a> link<\/span><\/a>:<\/span> \/<\/span>usr\/<\/span>local\/<\/span>sbin\/<\/span>maldet\nexec<\/span><\/a> link<\/span><\/a>:<\/span> \/<\/span>usr\/<\/span>local\/<\/span>sbin\/<\/span>lmd\ncron.<\/span>daily:<\/span> \/<\/span>etc\/<\/span>cron.<\/span>daily\/<\/span>maldet\n \n.\/<\/span>install.<\/span>sh:<\/span> line 72:<\/span> .:<\/span> .<\/span>ca.<\/span>def:<\/span> file<\/span><\/a> not found\nimported config options from \/<\/span>usr\/<\/span>local\/<\/span>maldetect.<\/span>last\/<\/span>conf.<\/span>maldet\nLinux Malware Detect v1.<\/span>4.<\/span>2\n(<\/span>C)<\/span> 2002<\/span>-<\/span>2013<\/span>,<\/span> R-<\/span>fx Networks <<\/span>proj@<\/span>r-<\/span>fx.<\/span>org><\/span>\n(<\/span>C)<\/span> 2013<\/span>,<\/span> Ryan MacDonald <<\/span>ryan@<\/span>r-<\/span>fx.<\/span>org><\/span>\ninotifywait (<\/span>C)<\/span> 2007<\/span>,<\/span> Rohan McGovern <<\/span>rohan@<\/span>mcgovern.<\/span>id.<\/span>au><\/span>\nThis program may be freely redistributed under the terms of the GNU GPL v2\n \ncould not find required binary od,<\/span> aborting.<\/span><\/pre><\/div><\/div>\r\n<\/span>\r\n<\/pre>\nAfter trying to debug the issue and even looking at the code, the script was trying to download files using wget and I was pretty confident the wget tool was installed.<\/p>\n
After numerous attempts the fix was to install which as shown below:<\/p>\n
<\/a>Source code<\/a><\/td> <\/a> <\/a> <\/a> <\/td><\/tr><\/table><\/div>yum install which<\/pre><\/div><\/div>\n<\/p>\n
Apparently this install package uses the which command – the purpose of this command is to search the user’s path for a program file or shows the full path of the shell commands found. So after installing the which package I was able to run the install.sh file from Maldetect successfully.<\/p>\n
Below are some of the commands that I’ve used:<\/p>\n
Scan –\u00a0<\/strong>maldet –scan-all \/web\/<\/p>\n
View Scan report<\/strong> –\u00a0maldet –report<\/p>\n
Quarantine from Report –<\/strong>\u00a0maldet -q 050715-2222.26127<\/p>\n
Clean from Report<\/strong> –\u00a0maldet -n 050715-2222.26127<\/p>\n
Ignore file extensions\u00a0\u00a0<\/strong><\/p>\n
Now some of my website has quite a number of\u00a0images and it does take up a considerable amount of time if maldetect were to scan these. I decided to just ignore these images file extension by adding some syntax to the ignore_file_ext file.<\/p>\n
Edit the file \/usr\/local\/maldetect\/ignore_file_ext<\/p>\n
add the following: .jpg .png<\/p>\n
<\/p>\n
There are also options to automatically send emails and clean and quarantine infected files. To do this you need to modify the file located here:<\/p>\n
<\/a>Source code<\/a><\/td> <\/a> <\/a> <\/a> <\/td><\/tr><\/table><\/div>\/<\/span>usr\/<\/span>local\/<\/span>maldetect\/<\/span>conf.<\/span>maldet<\/pre><\/div><\/div><\/pre>\nIn that file just modify a few lines:<\/p>\n
email_alert=1 \u2013 This will enable email alerts
\nemail_addr=\u201duser@emailaddress.com\u201d \u2013 Enter the email address to send the alerts to
\nquar_hits=1 \u2013 Move the detected malware to quarantine and then send an alert to the above address
\nquar_clean=1 \u2013 Try to clean the detected malware injections<\/p>\n
DO YOU LIKE WHAT YOU'VE READ?<\/div>Join our subscription list and receive our content right in your mailbox. If you like to receive some Great deals our Freebies then subscribe now!\r\n\r\n
\n\n\nName<\/label>\n<\/div>\nEmail<\/label>\n<\/div>\n\n<\/div>\n<\/form>\n<\/div>\n<\/p>\r\n\r\n<\/div><\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"I recently ran into a problem with installing Maldetect on a CentOS system. I almost gave up until I discovered that one of my sites had a malware so decided to dig in further and try to resolve the issue. After downloading and running the install bash file, I received the error message “could not […]<\/p>\n","protected":false},"author":1,"featured_media":3367,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,1043],"tags":[1572,1832,1834,1833],"class_list":["post-3364","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","category-websites","tag-error-message","tag-linux-malware-detect","tag-maldetect","tag-r-fx-networks"],"_links":{"self":[{"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/posts\/3364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/comments?post=3364"}],"version-history":[{"count":7,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/posts\/3364\/revisions"}],"predecessor-version":[{"id":3458,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/posts\/3364\/revisions\/3458"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/media\/3367"}],"wp:attachment":[{"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/media?parent=3364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/categories?post=3364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.businesslegions.com\/blog\/wp-json\/wp\/v2\/tags?post=3364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}