{"id":3620,"date":"2018-08-07T16:56:59","date_gmt":"2018-08-07T08:56:59","guid":{"rendered":"https:\/\/dingxuan.info\/wp\/?p=3620"},"modified":"2018-08-07T17:07:00","modified_gmt":"2018-08-07T09:07:00","slug":"%e9%83%a8%e7%bd%b2%e7%97%85%e6%af%92%e5%8f%8a%e6%81%b6%e6%84%8f%e8%84%9a%e6%9c%ac%e6%a3%80%e6%b5%8b%e7%a8%8b%e5%ba%8f-rkhunter-clamav-lmd","status":"publish","type":"post","link":"https:\/\/ybzx.vip\/wp\/?p=3620","title":{"rendered":"\u90e8\u7f72\u75c5\u6bd2\u53ca\u6076\u610f\u811a\u672c\u68c0\u6d4b\u7a0b\u5e8f Rkhunter \/ ClamAV \/ LMD"},"content":{"rendered":"
\n
\n
\u90e8\u7f72\u4e09\u4e2a\u68c0\u6d4b\u5de5\u5177rkhunter\uff0cClamAV\u53ca<\/span>Linux Malware Detect<\/a>\u00a0\uff08LMD\uff09\u3002\u5206\u522b\u7528\u4e8erootkit\u548c\u6076\u610f\u811a\u672c\u68c0\u6d4b\u3002<\/span><\/div>\n
<\/div>\n
1.ClamAV<\/span><\/div>\n
<\/div>\n
\n
yum install clamav clamav-update clamav-scanner-systemd clamav-server-systemd<\/span><\/div>\n
\u6216<\/span><\/div>\n
yum install clamav<\/span><\/div>\n
<\/div>\n
sudo sed -i -e “s\/^Example\/#Example\/” \/etc\/freshclam.conf<\/span><\/div>\n
sudo sed -i -e “s\/^Example\/#Example\/” \/etc\/clamd.d\/scan.conf<\/span><\/div>\n
<\/div>\n
freshclam<\/span><\/div>\n
clamscan -r -i \/var\/www\/html<\/span><\/div>\n<\/div>\n
<\/div>\n
<\/div>\n
2.Rkhunter<\/span><\/div>\n
<\/div>\n
\n
<\/div>\n
yum install rkhunter<\/span><\/div>\n
rkhunter –propupd<\/span><\/div>\n
rkhunter -u<\/span><\/div>\n
rkhunter –checkall<\/span><\/div>\n
<\/div>\n
cat \/var\/log\/rkhunter\/rkhunter.log | grep -i warning<\/span><\/div>\n<\/div>\n
<\/div>\n
<\/div>\n
3.LMD<\/span><\/div>\n
\n
wget <\/span>http:\/\/www.rfxn.com\/downloads\/maldetect-current.tar.gz<\/a><\/div>\n
tar -xvf maldetect-current.tar.gz<\/span><\/div>\n
cd maldetect-1.4.2<\/span><\/div>\n
.\/install.sh<\/span><\/div>\n
vim \/usr\/local\/maldetect\/conf.maldet<\/span><\/div>\n<\/div>\n
<\/div>\n
<\/div>\n
\/usr\/local\/maldetect\/conf.maldet\u00a0\u5178\u578b\u914d\u7f6e\uff1a<\/span><\/div>\n
\n
email_alert=1<\/span><\/div>\n
email_addr=youremail@localhost<\/a><\/span><\/div>\n
email_subj=”Malware alerts for $HOSTNAME – $(date +%Y-%m-%d)”<\/span><\/div>\n
quar_hits=1<\/span><\/div>\n
quar_clean=1<\/span><\/div>\n
clam_av=1<\/span><\/div>\n<\/div>\n
<\/div>\n
<\/div>\n
<\/div>\n
\n
maldet -u<\/span><\/div>\n
maldet –scan-all \/var\/www\/html<\/span><\/div>\n<\/div>\n

\u540e\u7eed\uff1a\u65e5\u5e38\u68c0\u67e5 \/ crontab\u8bbe\u7f6e<\/span><\/h3>\n
\n
\n
maldet -u<\/div>\n
freshclam<\/div>\n
rkhunter -u<\/div>\n
rkhunter –propupd<\/div>\n
<\/div>\n
rkhunter\u00a0–sk\u00a0–checkall<\/div>\n
maldet –scan-all \/var\/www\/html<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

\u90e8\u7f72\u4e09\u4e2a\u68c0\u6d4b\u5de5\u5177rkhunter\uff0cClamAV\u53caLinux Malware Detect\u00a0\uff08LMD\uff09\u3002\u5206\u522b\u7528\u4e8e … \u7ee7\u7eed\u9605\u8bfb\u90e8\u7f72\u75c5\u6bd2\u53ca\u6076\u610f\u811a\u672c\u68c0\u6d4b\u7a0b\u5e8f Rkhunter \/ ClamAV \/ LMD<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[79],"class_list":["post-3620","post","type-post","status-publish","format-standard","hentry","category-live","tag-centos"],"_links":{"self":[{"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=\/wp\/v2\/posts\/3620","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3620"}],"version-history":[{"count":0,"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=\/wp\/v2\/posts\/3620\/revisions"}],"wp:attachment":[{"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3620"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3620"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ybzx.vip\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3620"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}