Installing LMD is very easy and can be done in just a few steps
tar -xvf maldetect-current.tar.gz
That downloads the file, extracts it, goes into the folder it created, and installs it, and that’s all!
You can use it the way it is right out of the box, but if you want to configure the email notification option, quarantine option, etc., this can be done by editing the maldet config file at /usr/local/maldetect/conf.maldet
The options are pretty self explanatory and the conf file is well documented with comments above each option.
The quarantine option should only be used if you are sure you want to automatically quarantine files it detects. This can be dangerous as sometimes that are false positives that can be detected and it can wind up quarantining an important file which results in breaking a site.
Now on to using Maldet, first update it before running any scans by typing:
maldet -d && maldet -u
Then you can either scan an individual account or the entire server. To scan an individual account you can type:
maldet -a /home/user
To scan the entire server you can type:
maldet -b –scan-all /home?/?/public_?
To see all reports available you can type:
maldet –report list
Then to show the details of a specific report type:
maldet –report THE_SCAN_ID
By default, the quarantine option is disabled, unless you enabled it in the conf file. If you want to quarantine the files found in a report, you can type:
maldet -q THE_SCAN_ID