Running a Virus and Malware Scan on Your Linux Server
Introduction
To ensure the security of your Linux server, you can use ClamAV for virus scans and Linux Malware Detect (LMD) for malware detection. This guide provides step-by-step instructions for setting up and running scans on CentOS and Ubuntu systems.
Virus Scan Using ClamAV
Installation on CentOS
- Connect to the server using an SSH client (e.g., PuTTY or Terminal).
- Run the following commands as the root user (if not root, prefix with sudo):
yum install -y epel-release
yum install -y clamav
freshclam
Installation on Ubuntu
- Connect to the server using an SSH client.
- Run the following commands:
apt-get update
apt-get install clamav clamav-daemon
freshclam
Running a Virus Scan with ClamAV
Once ClamAV is installed, you can use it to scan for viruses:
- Scan all user home directories:
clamscan -r /home
- Scan the entire server:
clamscan -r /
Malware Scan Using Linux Malware Detect (LMD)
Installation on CentOS and Ubuntu
- Connect to the server via SSH.
- Download and install LMD with the following commands:
cd /usr/local/src/
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzf maldetect-current.tar.gz
cd maldetect-*
sudo ./install.sh
- Update the malware database:
maldet --update-ver
maldet --update
Running a Malware Scan with LMD
- Scan a specific directory (e.g., user home directories):
maldet -a /home
- Scan an individual user directory:
maldet -a /home/username
- Scan the entire server:
maldet -a /
Best Practices
- Schedule Regular Scans: Automate scans by scheduling them with cron jobs.
- Keep Signatures Updated: Always update virus and malware definitions before running scans (freshclam for ClamAV, maldet --update for LMD).
- Combine Tools: Use LMD with ClamAV’s engine for enhanced performance.
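One way to apply the first two practices above, as an added example that is not part of the original guide: a POSIX shell wrapper for cron that refreshes signatures, runs both scanners, and turns clamscan's exit code (0 clean, 1 infected, anything else an error) into the job's status. The script path, LOG_DIR, SCAN_TARGET and the schedule are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original guide. The script path, LOG_DIR,
# SCAN_TARGET and the schedule are assumptions. Root crontab entry (02:30 daily):
#   30 2 * * * /usr/local/sbin/nightly-scan.sh --run

SCAN_TARGET="${SCAN_TARGET:-/home}"
LOG_DIR="${LOG_DIR:-/var/log/nightly-scan}"

# Refresh ClamAV and LMD signatures. Returns 1 if either update failed so the
# caller can record that the scan ran on stale definitions.
update_signatures() {
    rc=0
    freshclam --quiet || rc=1
    maldet --update >/dev/null 2>&1 || rc=1
    return "$rc"
}

# Map clamscan's exit code to a status word:
# 0 = no virus found, 1 = virus(es) found, anything else = scan error.
clamscan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Recursive scan of $1 that logs only infected files to $2. Pseudo-filesystems
# are excluded so that a scan of / does not walk /proc, /sys or /dev.
scan_clamav() {
    rc=0
    clamscan -r -i --exclude-dir='^/proc' --exclude-dir='^/sys' \
        --exclude-dir='^/dev' --log="$2" "$1" >/dev/null 2>&1 || rc=$?
    clamscan_status "$rc"
}

main() {
    mkdir -p "$LOG_DIR" || return 2
    stamp=$(date +%Y%m%d-%H%M%S)
    update_signatures || echo "signature update failed; definitions may be stale" >&2
    status=$(scan_clamav "$SCAN_TARGET" "$LOG_DIR/clamav-$stamp.log")
    maldet -a "$SCAN_TARGET" >"$LOG_DIR/maldet-$stamp.log" 2>&1 ||
        echo "maldet exited non-zero; see its log" >&2
    echo "clamav: $status (logs in $LOG_DIR)"
    # Exit non-zero unless clean so a monitoring wrapper can flag the run.
    [ "$status" = clean ]
}

if [ "${1:-}" = "--run" ]; then main; exit $?; fi
```

Run as root without `--run`, the script only defines its functions, which makes it safe to source when checking the logic before enabling the cron entry.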