Scan for Rootkits, Backdoors & Exploits Using Rootkit Hunter in Linux
Q. What is Rkhunter?
-- rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits.
Step: 1. Downloading Rkhunter Package :
# yum -y install wget mailx
# cd /tmp
# wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz
Step: 2. Installing Rkhunter :
# tar -xvf rkhunter-1.4.2.tar.gz
# cd rkhunter-1.4.2
# ./installer.sh --layout default --install
Step: 3. Checking & Updating Rkhunter Database Properties :
# /usr/local/bin/rkhunter --update
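# /usr/local/bin/rkhunter --propupd
-- --propupd records the current properties of system files as the baseline for later scans, so run it only on a system you trust to be clean.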
Step: 4. Setting Cronjob & Email Alerts :
# vi /etc/cron.daily/rkhunter.sh
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)' mail@your_domain.com
-- Save & Quit (:wq)
# chmod 755 /etc/cron.daily/rkhunter.sh
Step: 5. Scanning the Entire File System :
# rkhunter --check
Step: 6. Viewing the Results Written to the Log File :
# cat /var/log/rkhunter.log
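-- Reading the whole log with cat buries the findings among hundreds of passed checks. The script below is an added example, not part of the original post: it prints only the checks rkhunter tagged [ Warning ] and their detail lines. The function names and the embedded sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): summarise rkhunter warnings.

# Constructed sample in the layout rkhunter writes to its log: a timestamp,
# then either a check result tag or a "Warning:" detail line.
sample_log() {
cat <<'EOF'
[10:15:01] Running Rootkit Hunter version 1.4.2 on host.example
[10:15:03]   /usr/bin/awk                                 [ OK ]
[10:15:04]   /usr/bin/lwp-request                         [ Warning ]
[10:15:04] Warning: The command '/usr/bin/lwp-request' has been replaced by a script
[10:15:09]   Checking for hidden files and directories    [ Warning ]
[10:15:09] Warning: Hidden directory found: /dev/.udev
[10:15:12]   Checking if SSH root access is allowed       [ OK ]
EOF
}

# Names of the checks or files tagged "[ Warning ]", one per line.
rkh_flagged() {
    sed -n 's/^\[[0-9:]*] *\(.*[^ ]\) *\[ Warning ] *$/\1/p' "$1"
}

# The explanatory "Warning:" lines, with the timestamp stripped.
rkh_details() {
    sed -n 's/^\[[0-9:]*] Warning: //p' "$1"
}

# Exit status 0 if the log holds no warnings, 1 otherwise.
rkh_clean() {
    ! grep -q -e '\[ Warning ]' -e '^\[[0-9:]*] Warning:' "$1"
}

# Usage: sh rkh-summary.sh /var/log/rkhunter.log
# With no argument the constructed sample above is used instead.
log=${1:-}
if [ -z "$log" ]; then
    log=$(mktemp) && trap 'rm -f "$log"' EXIT
    sample_log > "$log"
fi
echo "Flagged checks:"; rkh_flagged "$log"
echo "Details:";        rkh_details "$log"
if rkh_clean "$log"; then echo "Result: no warnings"
else echo "Result: warnings present, review each one"; fi
```

-- rkh_clean returns a non-zero status when warnings exist, so it can gate an alert in a monitoring script.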