HRDN-7230 - Presence malware scanner
Malware scanners search for any traces of malware. Regular checks are advised to improve the detection rate, in case of an intrusion of the system. Also the proper implementation can prevent malware from spreading to other systems. One example might be installing a virus scanner on a mail gateway, to protect users.
How to solve
Every system has its own role to support the business. Depending on the data stored, or transported, the system needs controls in place to detect malware. A web server would benefit from detecting PHP backdoors, where a mail server would benefit from detecting a wide variety of viruses, worms, and trojans.
It is suggested to perform regular malware scanning.
Generic virus detection
Use ClamAV or a commercial alternative
- Rootkit Hunter (rkhunter)
Malware detection for web servers
- Linux Malware Detect (LMD)
Linux and Unix System Hardening
This information is provided as part of the Lynis community project. It is related to Lynis control HRDN-7230. All information should be considered as-is, without guarantees. Any advice or snippets should be tested before implementing in production environments.
Lynis is a technical security audit tool for systems running Linux, UNIX, *BSD, and macOS. It is open source software and free to use. The project has an active community, and can also be found on GitHub.
Need more advanced features, like vulnerability scanning, or reporting installed software packages? Lynis Enterprise will collect more data and present it with an easy to use web interface.
Gain additional benefits: automating security audits, reporting, and the implementation of related security measures.
- Centralized management
- Prioritized plans
- Integration (API)
- Improvement snippets for tools like Ansible, Chef, Cfengine and Puppet