We noticed that we need to deliver guides around some known things which are possibly not known to the new users. Somehow, many we missed to talk about them since the year 2010. Anti Malware is not fully correct phrase for Linux but the meaning is obvious. Here is a usable list of Anti malware for GNU/Linux server.
Malware are programs which aims to disrupt the normal operation of a server. Virus, spyware, adware, ransomsomware are some known names of specific group of malware. They can steal private information, distort or delete personal data, control the system to use it for the purpose of Man-in-the-Middle attack, using for botnets, running DDoS attack etc.
It must be understood that, there is no general purpose anti malware, antivirus for GNU/Linux as Linux or rather modern unix systems are engineered in a different fashion. Commonly the vulnerabilities are directly patched. Of course existence of Windows like Linux virus theoretically possible but not commonly known.
We are using these listed softwares alone or in combinations for specific security, they are no way replacement of generally suggested security of your server. The likelihood of a Linux server being infected by a virus is very very low, not zero. If that is a concern, then you should understand that and determine if the business is important to you. If the business is worth more than the CPU cycles and disk I/O that it will take to scan, then you should install and use commercial solutions.
Our “anti malware” are free softwares and basically collection of scripts.
---
List Of Anti Malware For GNU/Linux Server
Linux Malware Detect (LMD) aka Maldet : Maldet is a malware scanner for GNU/Linux effective for the detection of PHP backdoors, darkmailers and many other malicious files that can be uploaded on a compromised website. It helps detect infected own websites and clean. Official website :
1 | https://www.rfxn.com |
chkrootkit aka Linux rootkit scanner : chkrootkit stands for Check Rootkit, which is a common Unix-based program and classic rootkit scanner intended to help sysadminis check their system for known rootkits. chkrootkit checks server for suspicious rootkit processes and known rootkit files. Official website :
1 | http://www.chkrootkit.org |
Lynis : Lynis is a security auditing tool for UNIX systems – Linux, macOS, BSD etc to perform an in-depth security scan. Lynis was formerly rkhunter. Official website :
1 | https://cisofy.com/download/lynis/ |
ISPProtect : ISPProtect is a Malware, Antivirus scanner for the web servers to detect Malware in websites, CMS like systems including WordPress, Joomla, Drupal, Magento etc. ISPProtect is developed by the ISPConfig and widely used. Official website :
1 | https://ispprotect.com |
rkhunter(8) : rkhunter is a shell script which carries out various checks on the local system to try and detect known rootkits and malware. It also performs checks to see if commands have been modified, if the system startup files have been modified, and various checks on the network interfaces, including checks for listening applications.
CalmAV : ClamAV is a suite of free stuffs including a multi-threaded scanner daemon, command line utilities for on demand file scanning, automatic database updater and automatic signature updates. Official website :
1 | https://www.clamav.net |
These are softwares which are commonly in use.
