Optimize malware detect (maldet)

Linux Malware Detect (LMD) is a malware scanner for Linux, released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.

more at: https://www.rfxn.com/projects/linux-malware-detect

First of all, let's install cpulimit.

Cpulimit is a tool which limits the CPU usage of a process (expressed in percentage, not in CPU
time). It is useful to control batch jobs, when you don’t want them to eat too many CPU cycles.

more at: https://github.com/opsengine/cpulimit

$ cd /tmp
$ wget -O cpulimit.zip https://github.com/opsengine/cpulimit/archive/master.zip
$ unzip cpulimit.zip
$ cd cpulimit-master
$ make
$ sudo cp src/cpulimit /usr/bin

Install ClamAV as well. When it is installed, LMD uses the ClamAV clamscan binary as its default scan engine, which provides improved scan performance on large file sets.

Now find the following settings in the maldet configuration and change them according to your needs.

The maximum directory depth that the scanner will search. Setting a value here will improve the
performance of your scan.
scan_max_depth="10"

Set a hard limit on CPU usage for find and clam(d)scan processes.
scan_cpulimit="100"

When scan_export_filelist is enabled, the most recent result set will be saved to
'/usr/local/maldetect/tmp/find_results.last'.
scan_export_filelist="1"

Set a hard limit on CPU usage for inotify monitoring processes.
inotify_cpulimit="100"
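
Values copied from a web page often arrive with typographic quotes, which then become part of the value instead of delimiting it. The script below is an added example, not part of the original post or of LMD: it checks the four settings above in a config file whose path you pass in (the function names and the sample file are made up for illustration).

```sh
#!/bin/sh
# Added example (not from the original page): audit the four settings above.
# The config file path is an argument; the sample below is constructed.

# Print the right-hand side of the last "key=..." line, trailing blanks removed.
conf_raw() {
    sed -n "s/^[[:space:]]*$1=//p" "$2" | sed 's/[[:space:]]*$//' | tail -n 1
}

# Valid means: present, wrapped in plain ASCII double quotes, digits only.
check_setting() {
    key=$1; file=$2
    raw=$(conf_raw "$key" "$file")
    [ -n "$raw" ] || { echo "MISSING  $key"; return 1; }
    case $raw in
        \"*\") val=${raw#\"}; val=${val%\"} ;;
        *) echo "BADQUOTE $key=$raw (use plain ASCII double quotes)"; return 1 ;;
    esac
    case $val in
        ''|*[!0-9]*) echo "NOTNUM   $key=$raw"; return 1 ;;
    esac
    echo "OK       $key=$val"
}

# Returns the number of settings that failed validation (0 = all good).
check_maldet_conf() {
    file=$1; problems=0
    for key in scan_max_depth scan_cpulimit scan_export_filelist inotify_cpulimit; do
        check_setting "$key" "$file" || problems=$((problems + 1))
    done
    # The page installs cpulimit for the *_cpulimit settings; warn if it is absent.
    command -v cpulimit >/dev/null 2>&1 || echo "WARN     cpulimit not found in PATH"
    return "$problems"
}

# Constructed sample: one value pasted with typographic quotes, one non-numeric.
sample=$(mktemp)
cat > "$sample" <<'EOF'
scan_max_depth=”10″
scan_cpulimit="100"
scan_export_filelist="1"
inotify_cpulimit="abc"
EOF
check_maldet_conf "$sample" || echo "$? setting(s) need fixing"
rm -f "$sample"
```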
