Linux Malware Detect (LMD) is a malware scanner for Linux, released under
the GNU GPLv2 license, that is designed around the threats faced in
shared hosted environments. It uses threat data from network edge
intrusion detection systems to extract malware that is actively being
used in attacks and generates signatures for detection. Threat data is
also derived from user submissions made with the LMD checkout feature
and from malware community resources. The signatures that LMD uses are
MD5 file hashes and HEX pattern matches, and they are easily exported
to any number of detection tools such as ClamAV.

Linux Malware Detect (LMD) Features:
* MD5 file hash detection for quick threat identification
* HEX based pattern matching for identifying threat variants
* statistical analysis component for detection of obfuscated threats (e.g., base64)
* integrated detection of ClamAV to use as scanner engine for improved performance
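
The following is an added example, not LMD's own code or signature format: a sketch of how the two signature types described above behave differently and how they map onto ClamAV's .hdb (hash) and .ndb (hex pattern) line formats. All signature names and sample files are constructed for illustration.

```python
import hashlib

# All signatures and samples below are constructed for illustration.
KNOWN_BAD = b"<?php /* constructed sample, exact-match case */ ?>"
VARIANT = b"<?php eval(base64_decode('QUFBQQ==')); /* constructed variant */ ?>"
CLEAN = b"<?php echo 'hello'; ?>"

# MD5 signatures: digest -> (file size, name). Identifies one exact file.
MD5_SIGS = {hashlib.md5(KNOWN_BAD).hexdigest(): (len(KNOWN_BAD), "example.md5.sample1")}
# HEX signatures: name -> hex-encoded byte pattern. Still matches when the
# rest of the file changes, which is what catches variants.
HEX_SIGS = {"example.hex.evalb64": b"eval(base64_decode(".hex()}


def scan(data: bytes) -> list[str]:
    """Return the names of all signatures that match `data`."""
    hits = []
    md5_hit = MD5_SIGS.get(hashlib.md5(data).hexdigest())
    if md5_hit:
        hits.append(md5_hit[1])
    for name, pattern in HEX_SIGS.items():
        if bytes.fromhex(pattern) in data:  # byte-aligned substring match
            hits.append(name)
    return hits


def export_clamav() -> tuple[list[str], list[str]]:
    """Render the signature sets as ClamAV .hdb and .ndb lines."""
    # .hdb fields: MD5 digest, file size, signature name
    hdb = [f"{digest}:{size}:{name}" for digest, (size, name) in MD5_SIGS.items()]
    # .ndb fields: name, target type (0 = any file), offset (* = anywhere), hex pattern
    ndb = [f"{name}:0:*:{pattern}" for name, pattern in HEX_SIGS.items()]
    return hdb, ndb


if __name__ == "__main__":
    for label, sample in (("known", KNOWN_BAD), ("variant", VARIANT), ("clean", CLEAN)):
        print(label, scan(sample))
    for lines in export_clamav():
        print("\n".join(lines))
```

The MD5 signature matches only the exact known file, while the HEX signature flags the modified variant that the hash misses.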