
Sunday 5 June 2016

Scan for Rootkits, Backdoors & Exploits Using Rootkit Hunter in Linux


Q. What is Rkhunter?
-- rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits.

Step: 1. Downloading Rkhunter Package :

# yum -y install wget mailx
# cd /tmp
# wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz

Step: 2. Installing Rkhunter :

# tar -xvf rkhunter-1.4.2.tar.gz
# cd rkhunter-1.4.2
# ./installer.sh --layout default --install

Step: 3. Checking & Updating Rkhunter Database Properties :

# /usr/local/bin/rkhunter --update
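# /usr/local/bin/rkhunter --propupd

-- The --propupd option records the current properties of system files as the baseline for later scans, so run it only while the system is known to be clean.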

Step: 4. Setting Cronjob & Email Alerts :

# vi /etc/cron.daily/rkhunter.sh

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)' mail@your_domain.com

-- Save & Quit (:wq)

# chmod 755 /etc/cron.daily/rkhunter.sh

Step: 5. To scan the Entire File System :

# rkhunter --check

Step: 6. All Results have been Written to the Log File :

# cat /var/log/rkhunter.log
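
-- Reading the whole log with cat gets long quickly. The script below is an added example, not part of the original post or of rkhunter itself: it pulls only the warning entries out of the log. It assumes the usual "[HH:MM:SS] Warning: ..." and "[ Warning ]" line layout; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list only the warnings from an rkhunter log.
# Assumption: log lines look like "[HH:MM:SS] Warning: ..." and "... [ Warning ]".

# rk_warnings LOGFILE: print each warning message with its timestamp stripped.
rk_warnings() {
    sed -n 's/^\[[0-9:]*] Warning: //p' "$1"
}

# rk_flagged LOGFILE: print the name of every check whose result is "[ Warning ]".
rk_flagged() {
    sed -n 's/^\[[0-9:]*][[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\[ Warning ][[:space:]]*$/\1/p' "$1"
}

# rk_summary LOGFILE: print a one-line count; return 1 when any warning exists,
# so a cron wrapper can decide whether a mail is worth sending.
rk_summary() {
    n=$(rk_warnings "$1" | wc -l | tr -d ' ')
    echo "rkhunter warnings: $n"
    [ "$n" -eq 0 ]
}

# Constructed sample log (not real scan output) so the example runs offline.
rk_sample_log() {
    cat <<'EOF'
[10:17:38] Info: Starting test name 'properties'
[10:17:40]   /usr/bin/awk                                    [ OK ]
[10:17:41]   /usr/bin/ldd                                    [ Warning ]
[10:17:41] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: POSIX shell script
[10:18:02]   Checking for hidden files and directories       [ Warning ]
[10:18:02] Warning: Hidden directory found: /dev/.example
[10:18:05] Info: End of constructed sample
EOF
}

# Use the log given as the first argument, or fall back to the sample.
log=${1:-}
if [ -z "$log" ]; then
    log=$(mktemp) && rk_sample_log > "$log"
fi
rk_flagged "$log"
rk_warnings "$log"
rk_summary "$log" || echo "Investigate these entries before running --propupd again."
```

-- Run it as: sh rkwarn.sh /var/log/rkhunter.log (the file name rkwarn.sh is only a suggestion).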


Copyright © 2016 Kousik Chatterjee's Blog