request system malware-scan
Syntax
request system malware-scan integrity-check quick-scan clean-action (clean | warn) pids set-of-pids run-fake-malware | list-fake-malware
Description
Run the Juniper Malware Removal Tool (JMRT), which scans for and removes malware running on Juniper Networks devices. This command can perform multiple types of scans, detailed in the following section.
Options
integrity-check |
Check whether integrity mechanisms are enabled and working properly. Integrity mechanisms allow only signed binaries to run on the system. Note:
Junos OS with Junos Automation Enhancements does not run Veriexec. As
such, running the |
quick-scan |
Start a quick scan, which attempts to scan each process’ executable for malware. If the executable file does not exist, it scans the process memory instead. |
clean-action (clean | warn) |
Determine the action that JMRT should take when potential malware is detected:
|
pids set-of-pids |
Set of process IDs (PIDs) to scan. By default, JMRT scans all processes. |
You can access the following options by default in Junos OS Evolved. To access them
in Junos OS, install the jmrt-test
package.
You will see the run-fake-malware
and
list-fake-malware
options in Junos OS only if you have
installed jmrt-test
.
Before 23.3, you must enable the jmrt-test
package to gain
access to the test
option for quick-scan
,
run-fake-malware
, and
list-fake-malware
.
run-fake-malware |
Spawn a fake malware process on the system. |
list-fake-malware |
List all fake malware processes (PIDs) that are running on the system. |
Required Privilege Level
admin
Release Information
Command introduced in Junos OS Release 19.2R1.
Command
option veriexec-check
renamed as integrity-check
in Junos OS Release 21.4R1.
Command introduced in Junos OS Evolved Release 21.4R1.