Blog

Check your server for rootkits with rkhunter

I was just adding this to the KB and I thought it would make a useful blog post. So here goes:

1. Download the source file from the website

wget -q http://sourceforge.net/projects/rkhunter/files/rkhunter/1.3.8/rkhunter-1.3.8.tar.gz

2. Untar the archive

tar -zxvf rkhunter-1.3.8.tar.gz

3. Installation

cd rkhunter-1.3.8

./installer.sh

on some distros you will probably need to add –install switch like so:

./installer.sh --install

4. Run a scan

/usr/local/bin/rkhunter -c

You can take this further by setting up a cron job to automatically run a scan on a regular basis. Thanks to Surekha in our engineering team for the tutorial :)

http://rkhunter.sourceforge.net
http://en.wikipedia.org/wiki/Rkhunter

Share
This entry was posted in Tutorials. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *





You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>