Bug#810125: RFP: linux-malware-detect -- Linux Malware Detect (LMD) is a malware scanner for Linux
Package: wnpp
Severity: wishlist
* Package name : linux-malware-detect
Version : 1.5
Upstream Author : Ryan MacDonald <ryan@r-fx.org>
* URL : https://github.com/rfxn/linux-malware-detect
* License : GPL v2
Programming Lang: Bash, Perl
Description : Linux Malware Detect (LMD) is a malware scanner for Linux
Hi,
Please can you create a Debian package for LMD?
This is interesting software for administering a shared web server that hosts several web sites. It will detect infected CMSes.
The source code is available at: https://github.com/rfxn/linux-malware-detect
The sources of a Debian package are available at: https://github.com/waja/maldetect
The author of the sources of the Debian package does not have time to maintain the package in the long term: https://github.com/waja/maldetect/issues/1
The description on GitHub:
Linux Malware Detect (LMD) is a malware scanner for Linux released under the
GNU GPLv2 license, that is designed around the threats faced in shared hosted
environments. It uses threat data from network edge intrusion detection
systems to extract malware that is actively being used in attacks and
generates signatures for detection. In addition, threat data is also derived
from user submissions with the LMD checkout feature and from malware
community resources. The signatures that LMD uses are MD5 file hashes and HEX
pattern matches, they are also easily exported to any number of detection
tools such as ClamAV.
The driving force behind LMD is that there is currently limited availability
of open source/restriction free tools for Linux systems that focus on malware
detection and more important that get it right. Many of the AV products that
perform malware detection on Linux have a very poor track record of detecting
threats, especially those targeted at shared hosted environments.
The threat landscape in shared hosted environments is unique from that of the
standard AV products detection suite in that they are detecting primarily OS
level trojans, rootkits and traditional file-infecting viruses but missing
the ever increasing variety of malware on the user account level which serves
as an attack platform.
Regards.