Monthly Archives: March 2015

Setup Malware Detect (Maldet)

Leave a reply

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.

In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches, they are also easily exported to any number of detection tools such as ClamAV. Continue reading

Setup Rootkit Hunter (rkhunter)

Leave a reply

Rootkit Hunter (rkhunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. This guide explains how to install and configure RKHunter on CentOS 5,6 or 7.

Rootkits are self-hiding toolkits secretly installed by a malicious intruder to allow that user to gain access to the server. Rootkit Hunter offers protection by comparing SHA-1 hashes of important files with known good ones in a online database as well as:

    • MD5 hash compare
    • Look for default files used by rootkits
    • Wrong file permissions for binaries
    • Look for suspected strings in LKM and KLD modules
    • Look for hidden files
    • Optional scan within plaintext and binary files

Continue reading

Setup Spamassasin for DirectAdmin

Leave a reply

In this guide I will be explaining how to install and configure SpamAssasin on a Direct Admin based server running CentOS.

SpamAssasin is used for e-mail spam filtering based on content-matching rules. SpamAssassin uses a variety of spam-detection techniques, that includes DNS-based and fuzzy-checksum-based spam detection, Bayesian filtering, external programs, blacklists and online databases.

The program can be integrated with the mail server to automatically filter all mail for a site. It can also be run by individual users on their own mailbox. SpamAssassin is highly configurable; if used as a system-wide filter it can still be configured to support per-user preferences.

Continue reading

Setup ClamAV Antivirus for DirectAdmin

Leave a reply

Clam AntiVirus is a popular open source (GPL) anti-virus toolkit for UNIX, designed for e-mail scanning on mail gateways. It provides a flexible and scalable multi-threaded daemon, a command line scanner and it can detect Trojan horses, viruses, malware and other malicious threats. It also comes with an advanced tool for automatic database updating via the Internet.
This article will guide you through the installation and configuration of ClamAV on a DirectAdmin based web server. Continue reading