AlmaLinux Web Server Malware Scanning Tutorial
If you maintain a computer it can be reassuring to have access to some quality Malware Scanning functionality (often part of an AntiVirus suite of functionality located, for us, in amongst the cPanel functionality of our AlmaLinux WHM Linux web server software parts). So it is with our “soon to be” RJM Programming AlmaLinux web server, which has provided us with ImunifyAV …
ImunifyAV: Best Free Linux Server Antivirus
… 7.14.0 version, further to previous malware blog posting regarding laptop themed Malware Protection Primer Tutorial.
We’ve used ImunifyAV a few times, now, on our AlmaLinux web server, and find it easy to use, starting a session scanning …
/home*/*
… folder specification, which covers the public parts of the RJM Programming domain reach.
But we have come across some false positive Malware readings …
How do we know? It’s the combination of …
- what it suspected was inhouse code … and …
- we stopped it being flagged as “malware” via …
- copied the code to a newly created folder (for speed of scanning purposes)
- found that for two inhouse code examples, now, by changing codelines that used to look like …
[some code statement]; // thanks to https://[domain]/[requestURI]
… to …
[some code statement]; // thanks to https [domain] [requestURI]
… and the fact that this took the code off that “malware” suspicion list made us think that “signature based” malware checking can throw up very occasional false positives
- delete this code and its temporary folder
- make the changes to the original code
- rerun the /home*/* (or subset) scanning run, to reassure
So, if a small number of these inhouse examples are found we recommend not panicking, and checking each one out for these “what must be signature based” Malware Scanning accidental “false positives”. Else if still flagged … panic! But seriously, you may need to examine further, or quarantine, via deletion perhaps, or purchase more ImunifyAV functionality that purports to fix such malware issues.
Previous relevant Malware Protection Primer Tutorial is shown below.
Malware Protection Primer Tutorial
To quote Wikipedia, Malware is …
Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network.[1] Malware does the damage after it is implanted or introduced in some way into a target’s computer and can take the form of executable code, scripts, active content, and other software.[2]
… and as such, should not be confused with another security concern called “computer viruses” … Wikipedia again …
A computer virus is a type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code.[1] When this replication succeeds, the affected areas are then said to be “infected” with a computer virus.[2][3]
Confusion could mean that you think a “computer virus” scanning system will protect you from Malware. If the scanning product doesn’t say so, it doesn’t. On our MacBook Pro we got offered the chance to try out a Malware controlling piece of software called Malwarebytes, and we’ve been using its simple interface to scan for Malware at regular intervals. We like it, and think you may like it too … hence the blog posting, for your perspicacious self, like.
If this was interesting you may be interested in this too.
If this was interesting you may be interested in this too.
