Linux Software & Blog
Posts tagged malware
Linux Malware Detect v1.3.3: Making good things better
May 15th
This morning I put out LMD v1.3.3, on the back of two other releases in recent days that improved LMD in many areas and corrected some bugs graciously reported by those helping to break in the project. I have also listened to feedback and revised a number of features, and I have completely redone how the inotify monitoring operates, to provide a much more robust model for real-time file monitoring.
I am also happy to say that people are embracing the use of the -c|--checkout option to send me malware that is not currently detected, which More >
LMD Signatures: RSS Feed & XML
May 12th
While I was making some signature updates this afternoon, it occurred to me that it might be useful if the signatures were available through an RSS feed for update tracking, or should anyone want to serialize the import of my signature data into other applications.
The signatures can be accessed in two data formats. The first is an RSS feed that presents the 50 most recent signatures published. The second is an XML element tree that can be queried by signature ID or for all/recent signatures. There is nothing fancy about either of these data sources; information is presented clean and More >
Better Late Than Never: Linux Malware Detect 1.3
May 12th
Today I have released Linux Malware Detect (LMD) 1.3, the first public stable release of my malware detection tool. The documentation is a little thin, but the details are on the project page and the README file should fill you in on anything you need to know; otherwise you can post a comment at the bottom of the project page and I will assist where possible. Input on feature ideas, bugs and malware data is always welcome; see the --help output of LMD for the checkout feature to upload malware data to rfxn.com.
In October I detailed the concepts behind the More >
Linux Malware Detection
Oct 19th
[ UPDATE: Linux Malware Detect has been released ] For the last few weeks I have been working on a new project for malware detection on Linux web servers. It is already at a pre-release version in use at work and has shown phenomenal promise.
Right to it, some background… On a daily basis the network I manage receives a large number of attacks. Most of these are web-based abuses against common web application vulnerabilities which inject/upload to servers an array of malware such as phishing content, defacement tools, exploits for privilege escalation and IRC C&C bots. All these actions are typically More >
