
maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration. maldetect-1.6.4

Open Munawirsyah13 opened this issue 3 years ago • 7 comments

[root@malware ~]# maldet -a /root/Documents/malware/thezoo/
Linux Malware Detect v1.6.4
(C) 2002-2019, R-fx Networks [email protected]
(C) 2019, Ryan MacDonald [email protected]
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(15338): {scan} signatures loaded: 17253 (14431 MD5 | 2039 HEX | 783 YARA | 0 USER)
maldet(15338): {scan} building file list for /root/Documents/malware/thezoo/, this might take awhile...
maldet(15338): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration.

Munawirsyah13 avatar Mar 19 '21 04:03 Munawirsyah13

Seems maldet is not scanning files owned by root (#273). I'll be glad to get over that limitation. Looking for the option, not finding anything for now.

tisc0 avatar Mar 28 '21 08:03 tisc0

Hi! Glad I kept that tab open, the answer is simply in /usr/local/maldetect/conf.maldet:

# As a design and common use case, LMD typically only scans user space paths
# and as such it makes sense to ignore files that are root owned. It is
# recommended to leave this enabled for best performance.
# [ 0 = disabled, 1 = enabled ]
scan_ignore_root="0"

tisc0 avatar Apr 07 '21 21:04 tisc0

Hello there.

I have the same issue on FreeBSD 13. Getting the same error on any directory I try to scan.

Have scan_ignore_root="0" as well, in config file.

Any idea?

kalleboy avatar Feb 15 '22 14:02 kalleboy

Sorry for the bump. Any idea on how to solve this?

kalleboy avatar Feb 24 '22 12:02 kalleboy

Send the error message

w3bservice avatar Feb 25 '22 19:02 w3bservice

"maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration."

kalleboy avatar Feb 27 '22 06:02 kalleboy

"maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration."

Try to start like this: OSTYPE=FreeBSD maldet -a /path. This OS detection is incorrect as $OSTYPE can return something like "freebsd13.0": https://github.com/rfxn/linux-malware-detect/blob/master/files/internals/internals.conf#L27

Mikanoshi avatar Jul 17 '22 20:07 Mikanoshi
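Added example, not part of the thread and not LMD's own code: a shell diagnostic for the two causes raised in the comments above (the scan_ignore_root setting and the $OSTYPE value). The function names and result strings are hypothetical, and the exact-match form of the FreeBSD check is an assumption inferred from the suggested workaround, not a copy of internals.conf.

```shell
#!/bin/sh
# Added diagnostic sketch; function names and result strings are hypothetical.

# Exact comparison: assumed form of the check that "freebsd13.0" fails.
is_freebsd_exact() { [ "$1" = "FreeBSD" ]; }

# Pattern match that accepts "FreeBSD", "freebsd13.0", "freebsd14.1", ...
is_freebsd_pattern() {
    case "$1" in
        [Ff]ree[Bb][Ss][Dd]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Read scan_ignore_root from a conf.maldet-style file (last assignment wins).
conf_ignore_root() {
    sed -n 's/^scan_ignore_root="\{0,1\}\([01]\)"\{0,1\}.*/\1/p' "$1" | tail -n 1
}

# diagnose CONF PATH OSTYPE: name the likely reason for an empty file list.
diagnose() {
    conf=$1; path=$2; ostype=$3
    [ -d "$path" ] || { echo "path-missing"; return; }
    total=$(find "$path" -type f | wc -l | tr -d ' ')
    [ "$total" -gt 0 ] || { echo "no-files"; return; }
    if [ "$(conf_ignore_root "$conf")" = "1" ]; then
        # With scan_ignore_root enabled, only files not owned by uid 0 count.
        nonroot=$(find "$path" -type f ! -uid 0 | wc -l | tr -d ' ')
        [ "$nonroot" -gt 0 ] || { echo "all-root-owned-and-ignored"; return; }
    fi
    # A FreeBSD-like value that an exact comparison would not recognise.
    if is_freebsd_pattern "$ostype" && ! is_freebsd_exact "$ostype"; then
        echo "ostype-mismatch"; return
    fi
    echo "ok"
}

# Example call:
#   diagnose /usr/local/maldetect/conf.maldet /path/to/scan "$OSTYPE"
```

A result of `ostype-mismatch` corresponds to the case where the `OSTYPE=FreeBSD maldet -a /path` workaround from the comment above applies.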