The command-line options for Linux Malware Detect (maldet) are listed below. See /usr/local/maldetect/conf.maldet
for more detailed information on how to use and configure this application.
maldet --help
Option | Description |
---|---|
--help | Show help |
--background | Execute operations in the background, ideal for large scans |
--update-sigs [--force] | Update malware detection signatures from rfxn.com |
--update-ver [--force] | Update the installed version from rfxn.com |
--file-list | Scan files or paths defined in line spaced file |
--scan-recent PATH DAYS | Scan files created/modified in the last X days (default: 7d, wildcard: ?) |
--scan-all PATH | Scan all files in path (default: /home, wildcard: ?) |
--include-regex REGEX | Include paths/files from file list based on supplied posix-egrep regular expression. |
--exclude-regex REGEX | Exclude paths/files from file list based on supplied posix-egrep regular expression. |
--monitor USERS\|PATHS\|FILE\|RELOAD | Run maldet with inotify kernel level file create/modify monitoring |
--kill-monitor | Terminate inotify monitoring service |
--checkout FILE | Upload suspected malware to rfxn.com for review & hashing into signatures |
--log | View maldet log file events |
--report SCANID email | View scan report of most recent scan or of a specific SCANID and optionally e-mail the report to a supplied e-mail address |
--restore FILE\|SCANID | Restore file from quarantine queue to original path or restore all items from a specific SCANID |
--quarantine SCANID | Quarantine all malware from report SCANID |
--clean SCANID | Try to clean & restore malware hits from report SCANID |
--user USER | Set execution under specified user, ideal for restoring from user quarantine or to view user reports. |
--config-option VAR1=VALUE,VAR2=VALUE,VAR3=VALUE | Set or redefine the value of conf.maldet config options |
--purge | Clear logs, quarantine queue, session and temporary data. |
--web-proxy IP:PORT | Enable use of HTTP/HTTPS proxy for all remote URL calls. |