LMD (Linux Malware Detection)


Post by ktheking »

Just stumbled upon this tool: Linux Malware Detection

It seems pretty straightforward to use, and it would make sense to have this running on a Mint (and other Linux systems for that matter too).

https://www.rfxn.com/projects/linux-malware-detect/

A small howto is described here: http://forumubuntusoftware.info/viewtop ... 127&t=9095

In theory this is not needed, but for peace of mind, and because the weakest link is between chair and keyboard, it might be advisable anyhow.

I'm going to put this anyhow on all future Mint installations, and configure it in such a way that a warning mail is sent.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.

Re: LMD (Linux Malware Detection)

Post by Habitual »

Looks Awesome!
This should be a GREAT tool on a client's new server where they have sudo and don't know what the hell they're doing. :wink:

I hope there's a summary mailed instead of the entirety of /usr/local/maldetect/inotify/inotify_log

Code:

    sudo ps aux | grep inotify

shows --timefmt %d %b %H:%M:%S --format %w%f %e %T -m -e create,move,modify
I'll read up more on this tomorrow and update this post.

I followed this to get it up and running here on LM-Q17 Xfce
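
An added example, not part of Habitual's post and not LMD's own code: one way to turn a monitor log into the short summary the post hopes for. It assumes each log line follows the inotifywait options quoted above (`--format '%w%f %e %T'` with `--timefmt '%d %b %H:%M:%S'`); the sample lines and the `summarize` and `render` helpers are constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PurePosixPath

# Assumed line layout (taken from the options shown in the post):
#   <path> <EVENT[,EVENT...]> <dd Mon HH:MM:SS>
# The path may contain spaces, so events and timestamp are anchored
# at the end of the line and the path takes whatever is left.
LINE_RE = re.compile(
    r"^(?P<path>.+) "
    r"(?P<events>[A-Z_]+(?:,[A-Z_]+)*) "
    r"(?P<ts>\d{2} \S+ \d{2}:\d{2}:\d{2})$"
)

# Constructed sample input, not real LMD output.
SAMPLE = """\
/var/www/site/index.php MODIFY 28 Jun 07:16:01
/var/www/site/uploads/a.php CREATE 28 Jun 07:16:05
/var/www/site/uploads/a.php MODIFY 28 Jun 07:16:05
/var/www/site/uploads/my file.txt MOVED_TO 28 Jun 07:17:40
/var/www/site/cache CREATE,ISDIR 28 Jun 07:18:02
garbage line
"""

def summarize(lines, top=3):
    """Count events by type and by parent directory; track the time span."""
    by_event, by_dir = Counter(), Counter()
    first = last = None
    skipped = 0
    for raw in lines:
        line = raw.rstrip("\n")
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:          # unexpected layout: count it, do not guess
            skipped += 1
            continue
        by_event.update(m["events"].split(","))
        by_dir[str(PurePosixPath(m["path"]).parent)] += 1
        first = first or m["ts"]
        last = m["ts"]
    return {"events": dict(by_event), "top_dirs": by_dir.most_common(top),
            "first": first, "last": last, "skipped": skipped}

def render(s):
    """Format the summary as a short plain-text body suitable for mailing."""
    out = [f"Monitor events from {s['first']} to {s['last']}"]
    out += [f"  {name}: {n}" for name, n in sorted(s["events"].items())]
    out += [f"  busiest: {d} ({n} events)" for d, n in s["top_dirs"]]
    out.append(f"  unparsed lines: {s['skipped']}")
    return "\n".join(out)

if __name__ == "__main__":
    print(render(summarize(SAMPLE.splitlines())))
```
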

Re: LMD (Linux Malware Detection)

Post by nomko »

Great tool for Linux servers with Windows clients. Not much of a help for individual Linux users though, since internet threats/malicious software don't have much effect on Linux systems.

Re: LMD (Linux Malware Detection)

Post by ktheking »

Habitual wrote: This should be a GREAT tool on a client's new server where they have sudo and don't know what the hell they're doing.

EXACTLY!

Linux Mint is profiled as the replacement of Windows XP, thus will inherit its users. The responsibility of having sudo/root available is not a big deal for an ex-Windows XP user, since they were admin users (read root) at all times. This means an opportunity is there for malware writers to disperse their code onto Linux Mint and Ubuntu platforms.

Fact: I noticed in the Mint forum that people actually try, without knowing what the impact or source is, to:
- compile code from source
- add new repositories from unknown sources

Doing such things creates a genuine threat. Having a tool such as LMD to scan your system after/during applying such changes is a MUST in order to keep the credibility of Linux high.

So to all who claim this is not needed they are right and wrong at the same time.

Linux Desktop + experimented user + sudo usage: no need for LMD
Linux Desktop + entry user + no sudo usage: no need for LMD
Linux Desktop + entry user + sudo usage: LMD required
Linux Desktop (or server) + applications used by Windows clients: LMD required

Applications used by Windows clients: web applications, sharing applications (Samba), etc.

Another good idea would be to create a small kind of knowledge/setup test form, which can assess whether you'll need a tool like LMD on a desktop Linux. This could be launched at installation time in the GUI. Maybe in the next Mint version?

Re: LMD (Linux Malware Detection)

Post by Habitual »

ktheking wrote: So to all who claim this is not needed they are right and wrong at the same time.

Linux Desktop + experimented user + sudo usage: no need for LMD
Linux Desktop + entry user + no sudo usage: no need for LMD
Linux Desktop + entry user + sudo usage: LMD required
Linux Desktop (or server) + applications used by Windows clients: LMD required

Applications used by Windows clients: web applications, sharing applications (Samba), etc.

Add to the list,
Shared Hosting.
Sites that don't update their WordPress + themes, plugins, widgets, basically any WordPress site.
We use WordFence for changes to files on the site.

Re: LMD (Linux Malware Detection)

Post by xenopeek »

Moving this to Chat about Linux as I take it this is more of a suggestion for other Linux users than that it is a hard suggestion to install and configure LMD by default on all Linux Mint installations.

This is a bit of a weird topic; I can understand LMD for server deployment especially on shared hosted servers, but that's not a focus for Linux Mint (it's a desktop/laptop operating system after all, not intended for servers--indeed it doesn't have any benefits for use on headless servers over its package bases). In all honesty, if you are installing Linux Mint for people that can't be trusted with their computer any more than you would trust them with Windows they are probably better off with something else like a Chromebook or a tablet.

For server deployments you should also want to pull in Lynis, a security auditing tool: http://rootkit.nl/software/lynis/