Linux Malware Detect (LMD) is a malware scanner for Linux, released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments.
It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
The HEX & MD5 detection signatures from ClamAV are monitored for relevant updates that apply to the target user group of LMD and are added to the project as appropriate.
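
How the two signature types mentioned above differ in practice, as an added example (not LMD's own code or signature file format): an MD5 signature matches only a byte-identical file, while a HEX signature matches a byte pattern anywhere in the file. The signature names, the sample payload and the dictionary layout are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

# Constructed, harmless sample content standing in for a known-bad file.
SAMPLE_PAYLOAD = b"<?php /* constructed-marker-7f3a */ echo 'hello'; ?>"
MARKER = b"constructed-marker-7f3a"

# Assumed layout: signature value -> signature name (both constructed).
MD5_SIGNATURES = {
    hashlib.md5(SAMPLE_PAYLOAD, usedforsecurity=False).hexdigest(): "example.md5.sample",
}
HEX_SIGNATURES = {
    MARKER.hex(): "example.hex.marker",
}


@dataclass(frozen=True)
class Hit:
    kind: str    # "MD5" or "HEX"
    name: str    # signature name
    offset: int  # byte offset of a HEX match, -1 for a whole-file MD5 match


def scan_bytes(data: bytes) -> list[Hit]:
    """Check one file's contents against both signature sets."""
    hits = []
    # MD5: identifies the file as a whole, so any changed byte defeats it.
    digest = hashlib.md5(data, usedforsecurity=False).hexdigest()
    if digest in MD5_SIGNATURES:
        hits.append(Hit("MD5", MD5_SIGNATURES[digest], -1))
    # HEX: a byte pattern that may occur anywhere inside the file.
    for pattern_hex, name in HEX_SIGNATURES.items():
        offset = data.find(bytes.fromhex(pattern_hex))
        if offset != -1:
            hits.append(Hit("HEX", name, offset))
    return hits


if __name__ == "__main__":
    samples = {
        "exact copy": SAMPLE_PAYLOAD,
        "one byte appended": SAMPLE_PAYLOAD + b"\n",
        "unrelated file": b"<?php echo 'clean'; ?>",
    }
    for label, data in samples.items():
        print(label, "->", scan_bytes(data))
```

The appended-byte sample is the case to watch: the MD5 signature no longer fires, and only the HEX pattern still identifies the file.
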
The threat landscape in shared hosted environments differs from the one that standard AV products' detection suites target: those products primarily detect OS-level trojans, rootkits and traditional file-infecting viruses, but miss the ever-increasing variety of malware at the user-account level, which serves as an attack platform.
The commercial products available for malware detection and remediation in multi-user shared environments remain abysmal.
The top 60 threats by prevalence detected by LMD are as follows:
base64.inject.unclassed perl.ircbot.xscan bin.dccserv.irsexxy perl.mailer.yellsoft bin.fakeproc. N3tshell exp.setuid0.unclassed php.cmdshell.r57 gzbase64.inject php.cmdshell.unclassed html.phishing.auc61 php.html.globals perl.connback. Clx php.mailer.10hack perl.ircbot.devil php.mailer.bombam perl.ircbot.fx29 php.mailer. Xnuxer perl.Lor D bin.perl.shell.cgitelnet bin.ircbot.php3 php.cmdshell.c100 bin.ircbot.unclassed php.cmdshell.c99 bin.pktflood.
This option requires a kernel that supports inotify_watch (CONFIG_INOTIFY), which is found in kernels 2.6.13 and CentOS/RHEL 5 by default.
If you are running CentOS 4 you should consider an inbox upgrade with:
There are three modes that the monitor can be executed with, and they relate to what will be monitored: USERS|PATHS|FILES.
An analysis of 8,883 malware hashes, detected by LMD 1.5, against 30 commercial anti-virus and malware products paints a picture of how poorly commercial solutions perform.
Using the Team Cymru malware hash registry, we can see that of the 8,883 malware hashes shipping with LMD 1.5, 6,931, or 78%, of the threats went undetected by 30 commercial anti-virus and malware products.
The driving force behind LMD is that there is currently limited availability of open source/restriction-free tools for Linux systems that focus on malware detection and, more importantly, that get it right.