Check your server for rootkits with rkhunter

I was just adding this to the KB and I thought it would make a useful blog post. So here goes:

1. Download the source file from the website

wget -q

2. Untar the archive

tar -zxvf rkhunter-1.3.8.tar.gz

3. Installation

cd rkhunter-1.3.8


on some distros you will probably need to add –install switch like so:

./ --install

4. Run a scan

/usr/local/bin/rkhunter -c

You can take this further by setting up a cron job to automatically run a scan on a regular basis. Thanks to Surekha in our engineering team for the tutorial :)

This entry was posted in Tutorials. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>