Skip to main content

Running a Virus and Malware Scan on Your Linux Server

Introduction

To ensure the security of your Linux server, you can use ClamAV for virus scans and Linux Malware Detect (LMD) for malware detection. This guide provides step-by-step instructions for setting up and running scans on CentOS and Ubuntu systems.

Virus Scan Using ClamAV

Installation on CentOS

  1. Connect to the server using an SSH client (e.g., Putty or Terminal).
  2. Run the following commands as the root user (if not root, prefix with sudo):
    yum install -y epel-release
    yum install -y clamav
    freshclam

Installation on Ubuntu

  1. Connect to the server using an SSH client.
  2. Run the following commands:
    apt-get update
    apt-get install clamav clamav-daemon
    freshclam

Running a Virus Scan with ClamAV

Once ClamAV is installed, you can use it to scan for viruses:

  • Scan all user home directories:
    clamscan -r /home
  • Scan the entire server:
    clamscan -r /

Malware Scan Using Linux Malware Detect (LMD)

Installation on CentOS and Ubuntu

  1. Connect to the server via SSH.

  2. Download and install LMD with the following commands:

    cd /usr/local/src/
    wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
    tar -xzf maldetect-current.tar.gz
    cd maldetect-*
    sudo ./install.sh
  3. Update the malware database:

    maldet --update-ver
    maldet --update

Running a Malware Scan with LMD

  • Scan a specific directory (e.g., user home directories):
    maldet -a /home
  • Scan an individual user directory:
    maldet -a /home/username
  • Scan the entire server:
    maldet -a /

Best Practices

  • Schedule Regular Scans: Automate scans by scheduling them with cron jobs.
  • Keep Signatures Updated: Always update virus and malware definitions before running scans (freshclam for ClamAV, maldet --update for LMD).
  • Combine Tools: Use LMD with ClamAV’s engine for enhanced performance.