rescue mode scans
I have a virtual rhel 7.9 server, and it is triggering firewall alerts for malware.
I've run many scans, and found a couple php items, but that's it. I'd like to know if there is a why to boot to rescue mode, and then install/run clamav and lmd, while the image isn't running. I can get into rescue, and I can get network, once I chroot /mnt/sysimage. I can then wget the clamav and lmd. They appear to install, though clamscan doesn't work. Lmd does, but I can't seem to scan anything. The scan starts, it loads signatures, but the scan returns and empty file list. My command is: bash-4.4# ./maldet -a /dev/mapper/vgtest-root, which is what df -h shows. It's likely simple, but I have worked very little in rescue, and it was to replace boot loaders. Thanks! |
All times are GMT -5. The time now is 11:17 AM. |