Install Maldet on VestaCP CentOS 7

Linux Malware Detect, usually called Maldet, is a malware scanner designed for shared hosting. So if you run a server/VPS for shared hosting with VestaCP, we think Maldet is powerful enough to help scan for malware on your server/VPS.

How to Install

So how do you install Maldet on your server/VPS? It's easy; just follow the steps below.

Download the Maldet installer and extract it:

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xvzf maldetect-current.tar.gz

Go into the extracted folder and run the install script:

cd maldetect-1.6.2 && bash install.sh

Wait until the Maldet installation finishes:

Created symlink from /etc/systemd/system/multi-user.target.wants/maldet.service to /usr/lib/systemd/system/maldet.service.
Linux Malware Detect v1.6
(C) 2002-2017, R-fx Networks <[email protected]>
            (C) 2017, Ryan MacDonald <[email protected]>
This program may be freely redistributed under the terms of the GNU GPL
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
maldet(18073): {sigup} performing signature update check...
maldet(18073): {sigup} local signature set is version 2017070716978
maldet(18073): {sigup} new signature set (201708255569) available
maldet(18073): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
maldet(18073): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
maldet(18073): {sigup} verified md5sum of maldet-sigpack.tgz
maldet(18073): {sigup} unpacked and installed maldet-sigpack.tgz
maldet(18073): {sigup} verified md5sum of maldet-clean.tgz
maldet(18073): {sigup} unpacked and installed maldet-clean.tgz
maldet(18073): {sigup} signature set update completed
maldet(18073): {sigup} 15218 signatures (12485 MD5 | 1954 HEX | 779 YARA | 0 USER)

How to Config

Once the installation is finished, adjust the Maldet configuration in /usr/local/maldetect/conf.maldet to suit your needs. Our recommendation is to set the following options:

email_alert="1"
email_addr="[email protected]com"
quarantine_hits="1"
quarantine_clean="1"

If you use cPanel, you can also enable automatic suspension of the user:

quarantine_suspend_user="1"

How to Test

Once installation and configuration are done, it's time to test. How? You can download a malware test file from http://www.eicar.org/85-0-Download.html
Download the file and upload it into your hosting account, then scan it with the command:

maldet -a /homedir/account/hosting

Example:

maldet -a /home/admin

Use the command below if the files in your hosting account number in the thousands, like the layers of a Tango wafer:

screen maldet -a /home/admin/

Wait for the scan to finish and you will get a result like this:

Linux Malware Detect v1.6.2
            (C) 2002-2017, R-fx Networks <[email protected]>
            (C) 2017, Ryan MacDonald <[email protected]>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(19982): {scan} signatures loaded: 15218 (12485 MD5 | 1954 HEX | 779 YARA | 0 USER)
maldet(19982): {scan} building file list for /home/admin/, this might take awhile...
maldet(19982): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(19982): {scan} file list completed in 0s, found 11 files...
maldet(19982): {scan} scan of /home/admin/ (11 files) in progress...
maldet(19982): {scan} 11/11 files scanned: 1 hits 0 cleaned

maldet(19982): {scan} scan completed on /home/admin/: files 11, malware hits 1, cleaned hits 0, time 1s
maldet(19982): {scan} scan report saved, to view run: maldet --report 171210-0627.21285
maldet(19982): {alert} sent scan report to [email protected]

To check which files were detected as malware, run the maldet --report command as shown below.

maldet --report 171210-0627.21285
HOST:      srv.mikronix.me
SCAN ID:   171210-0627.21285
STARTED:   Dec 10 2017 06:27:24 +0000
COMPLETED: Dec 10 2017 06:27:25 +0000
ELAPSED:   1s [find: 0s]

PATH:          /home/admin/
TOTAL FILES:   11
TOTAL HITS:    1
TOTAL CLEANED: 0

FILE HIT LIST:
{MD5}EICAR.TEST.10.378 : /home/admin/web/srv.mikronix.me/public_html/eicar.com.txt => /usr/local/maldetect/quarantine/eicar.com.txt.1730227656
===============================================
Linux Malware Detect v1.6.2 < [email protected] >
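Added example (not part of the original article or of Maldet itself): a small shell parser that turns the FILE HIT LIST of a report like the one above into tab-separated signature, original path and quarantine path, and checks that the number of parsed hits agrees with the TOTAL HITS line. The function names and the second hit in the sample are constructed for illustration, and the parser assumes that a hit which was not quarantined simply has no "=> ..." part.

```shell
#!/bin/sh
# Added example, not from the original article.

# Constructed sample: the report shown above plus one constructed hit that was
# not quarantined (no "=> ..." part) and has a space in its path.
sample_report() {
cat <<'EOF'
HOST:      srv.mikronix.me
SCAN ID:   171210-0627.21285

PATH:          /home/admin/
TOTAL FILES:   11
TOTAL HITS:    2
TOTAL CLEANED: 0

FILE HIT LIST:
{MD5}EICAR.TEST.10.378 : /home/admin/web/srv.mikronix.me/public_html/eicar.com.txt => /usr/local/maldetect/quarantine/eicar.com.txt.1730227656
{HEX}constructed.example.sig.1 : /home/admin/web/srv.mikronix.me/public_html/up load.php
===============================================
EOF
}

# parse_hits: report on stdin -> SIGNATURE<TAB>PATH<TAB>QUARANTINE_PATH (or "-")
parse_hits() {
    awk '
        /^FILE HIT LIST:/ { in_list = 1; next }
        /^====/           { in_list = 0 }
        in_list && substr($0, 1, 1) == "{" {
            i = index($0, " : ")            # split signature from path
            if (i == 0) next
            sig  = substr($0, 1, i - 1)
            rest = substr($0, i + 3)
            q = index(rest, " => ")         # assumed present only when quarantined
            if (q > 0) { path = substr(rest, 1, q - 1); quar = substr(rest, q + 4) }
            else       { path = rest; quar = "-" }
            printf "%s\t%s\t%s\n", sig, path, quar
        }'
}

# hits_match_total: exit 0 only if the parsed hit count equals the TOTAL HITS line
hits_match_total() {
    awk '
        /^TOTAL HITS:/    { total = $3 }
        /^FILE HIT LIST:/ { in_list = 1; next }
        /^====/           { in_list = 0 }
        in_list && substr($0, 1, 1) == "{" { n++ }
        END { exit !(total != "" && n + 0 == total + 0) }'
}

sample_report | parse_hits
sample_report | hits_match_total && echo "hit count matches TOTAL HITS"
```

On a real server, feed the functions a saved copy of the report text instead of sample_report; a "-" in the third column marks a hit that is still sitting in the account and was not moved to quarantine.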

That’s all.

Agnesius Santo

Linux System Administrator, a fan of RPM-based Linux distributions and of the anisong singer Aimer.
