
Saturday, March 9, 2013

LMD: Linux Malware Detect

Linux Malware Detect (LMD) is a malware scanner for Linux, released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches; they are also easily exported to any number of detection tools such as ClamAV.

Linux Malware Detect (LMD) Features:
 * MD5 file hash detection for quick threat identification
 * HEX based pattern matching for identifying threat variants
 * statistical analysis component for detection of obfuscated threats (e.g., base64)
 * integrated detection of ClamAV to use as scanner engine for improved performance
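
To show how the first three detection methods complement each other, here is an added illustration in Python. It is not LMD's code or its signature format: the signature names, the sample files, and the base64 thresholds (runs of 200+ characters covering more than 60% of the file) are all assumptions constructed for this example.

```python
import base64
import hashlib
import re

# Constructed, harmless sample standing in for a known malicious file.
KNOWN_BAD = b"<?php /* constructed-sample-marker */ echo 'x'; ?>\n"

# Constructed signature sets (hypothetical names, not LMD signatures).
MD5_SIGS = {hashlib.md5(KNOWN_BAD).hexdigest(): "example.md5.sample"}
HEX_SIGS = {b"constructed-sample-marker".hex(): "example.hex.sample"}

# Long runs drawn only from the base64 alphabet (threshold is an assumption).
B64_RUN = re.compile(rb"[A-Za-z0-9+/=]{200,}")


def scan(data: bytes):
    """Return (stage, signature_name) for the first hit, or None if clean."""
    # Stage 1: exact MD5 match. Fast, but any one-byte change defeats it.
    digest = hashlib.md5(data).hexdigest()
    if digest in MD5_SIGS:
        return ("md5", MD5_SIGS[digest])

    # Stage 2: HEX pattern match. Decoding the pattern to bytes keeps the
    # search byte-aligned, so it catches variants sharing the same fragment.
    for pattern, name in HEX_SIGS.items():
        if bytes.fromhex(pattern) in data:
            return ("hex", name)

    # Stage 3: statistical check. Flag files made up mostly of base64 text,
    # where neither a hash nor a literal pattern can see the payload.
    if data:
        covered = sum(len(m.group()) for m in B64_RUN.finditer(data))
        if covered / len(data) > 0.6:
            return ("stat", "example.stat.base64")
    return None


# Constructed inputs: a modified copy, an encoded blob, and a benign file.
VARIANT = KNOWN_BAD + b"// appended padding changes the hash\n"
OBFUSCATED = b"<?php $p = '" + base64.b64encode(bytes(range(256)) * 2) + b"'; ?>"
CLEAN = b"<?php echo 'hello world'; ?>\n"

if __name__ == "__main__":
    for label, blob in [("exact", KNOWN_BAD), ("variant", VARIANT),
                        ("obfuscated", OBFUSCATED), ("clean", CLEAN)]:
        print(label, scan(blob))
```

The modified copy no longer matches the MD5 signature but is still caught by the HEX pattern, and the encoded blob is caught only by the statistical stage.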
