How To Install RKHunter

by Tweak on June 11, 2009
in Security, Servers

Post a Comment

“Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools.
This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for everyone to use.
* No, not really 99.9%.. It’s just another security layer”
www.rootkit.nl

RKhunter is compatible with the most popular Hosting Control Panels like cPanel, Directadmin, Plesk etc.

Install Rkhunter:

  1. Login to your server via SSH as root.
  2. Download RKHunter Version 1.3.4
    wget http://files.123tweak.com/rkhunter-1.3.4.tar.gz
  3. Extract files
    tar -xzvf rkhunter-1.3.4.tar.gz
  4. Change into the rkhunter directory:
    cd rkhunter-1.3.4
  5. Install RKHunter
    ./installer.sh
  6. Now you can run a test scan with the following command:
    /usr/local/bin/rkhunter -c
  7. Lets setup RKHunter to e-mail you you daily scan reports.
    nano /etc/cron.daily/rkhunter.sh
    Add the following replacing your email address:
    #!/bin/bash
    (/usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "Daily Rkhunter Scan Report" youremail@domain.com)
    then
    chmod +x /etc/cron.daily/rkhunter.sh

Updating RKHunter

Gets the latest database updates from their central server and matches your OS better to prevent false positives.

rkhunter --update

Share and Enjoy:
  • email
  • Print
  • PDF
  • Facebook
  • Digg
  • del.icio.us
  • Google Bookmarks
  • StumbleUpon
  • MySpace
  • Live
  • Twitter
  • Yahoo! Buzz

Tags: , ,

Comments are closed.