[root@localhost ~]# tar xzvf maldetect-current.tar.gz
安装(install.sh 以 root 身份执行,运行前应确认压缩包来自官方来源并核对其完整性)
[root@localhost ~]# cd maldetect-1.6.5/
[root@localhost maldetect-1.6.5]# ./install.sh
查看命令及帮助
[root@localhost maldetect-1.6.5]# maldet
Linux Malware Detect v1.6.5
(C) 2002-2023, R-fx Networks <proj@rfxn.com>
(C) 2023, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2
signature set: 202401192782461
usage maldet [-h|--help] [-a|--scan-all PATH] [-r|--scan-recent PATH DAYS]
[-f|--file-list PATH] [-i|--include-regex] [-x|--exclude-regex]
[-b|--background] [-m|--monitor] [-k|--kill-monitor] [-c|--checkout]
[-q|--quarantine] [-s|--restore] [-n|--clean] [-l|--log] [-e|--report]
[-u|--update-sigs] [-d|--update-ver]
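扫描文件或目录时,使用 -a 参数,后跟绝对路径。注意:下面两次扫描都返回了空文件列表(empty file list),即没有任何文件被实际扫描;这很可能是因为 LMD 默认配置 scan_ignore_root="1" 会忽略属主为 root 的文件(需对照 conf.maldet 确认),不能把这种输出理解为"未发现恶意文件"。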
[root@localhost ~]# maldet -a /root/anaconda-ks.cfg
Linux Malware Detect v1.6.5
(C) 2002-2023, R-fx Networks <proj@rfxn.com>
(C) 2023, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(3656): {scan} signatures loaded: 17637 (14801 MD5 | 2053 HEX | 783 YARA | 0 USER)
maldet(3656): {scan} building file list for /root/anaconda-ks.cfg, this might take awhile...
maldet(3656): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(3656): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration.
[root@localhost ~]# maldet -a /root
Linux Malware Detect v1.6.5
(C) 2002-2023, R-fx Networks <proj@rfxn.com>
(C) 2023, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(3829): {scan} signatures loaded: 17637 (14801 MD5 | 2053 HEX | 783 YARA | 0 USER)
maldet(3829): {scan} building file list for /root, this might take awhile...
maldet(3829): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(3829): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration.