List Of Anti Malware For GNU/Linux Server

We noticed that we need to deliver guides around some known things which are possibly not known to the new users. Somehow, many we missed talking about them since the year 2010. Anti Malware is not a fully correct phrase for Linux but the meaning is obvious. Here is a usable list of Anti-malware for GNU/Linux server.

Malware is a program that aims to disrupt the normal operation of a server. Virus, spyware, adware, ransomware are some known names of a specific group of malware. They can steal private information, distort or delete personal data, control the system to use it for the purpose of Man-in-the-Middle attack, using for botnets, running DDoS attack etc.

It must be understood that, there is no general-purpose anti-malware, antivirus for GNU/Linux as Linux or rather modern UNIX systems are engineered in a different fashion. Commonly the vulnerabilities are directly patched. Of course, the existence of Windows like Linux virus is theoretically possible but not commonly known.

We are using these listed software alone or in combinations for specific security, they are in no way a replacement of the generally suggested security of your server. The likelihood of a Linux server being infected by a virus is very very low, not zero. If that is a concern, then you should understand that and determine if the business is important to you. If the business is worth more than the CPU cycles and disk I/O that it will take to scan, then you should install and use commercial solutions.

Our “anti-malware” is free software and a collection of scripts.

List Of Anti Malware For GNU/Linux Server

Linux Malware Detect (LMD) aka Maldet : Maldet is a malware scanner for GNU/Linux effective for the detection of PHP backdoors, darkmailers and many other malicious files that can be uploaded on a compromised website. It helps detect infected own websites and clean them. Official website :

chkrootkit aka Linux rootkit scanner : chkrootkit stands for Check Rootkit, which is a common Unix-based program and classic rootkit scanner intended to help sysadmins check their system for known rootkits. chkrootkit checks server for suspicious rootkit processes and known rootkit files. Official website :

Lynis : Lynis is a security auditing tool for UNIX systems – Linux, macOS, BSD etc to perform an in-depth security scan. Lynis was formerly rkhunter. Official website :

ISPProtect : ISPProtect is a Malware, Antivirus scanner for the web servers to detect Malware in websites, CMS like systems including WordPress, Joomla, Drupal, Magento etc. ISPProtect is developed by the ISPConfig and is widely used. Official website :

rkhunter(8) : rkhunter is a shell script that carries out various checks on the local system to try and detect known rootkits and malware. It also performs checks to see if commands have been modified, if the system startup files have been modified, and various checks on the network interfaces, including checks for listening applications.

CalmAV : ClamAV is a suite of free stuffs including a multi-threaded scanner daemon, command line utilities for on demand file scanning, automatic database updater and automatic signature updates. Official website :

These are software that are commonly in use.