How to install Root Kit Hunter (RKHunter) on CentOS

This post explains how to install RKHunter on Linux. Rootkit Hunter is a scanning tool that checks for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

Rootkit Hunter is released as a GPL-licensed project and is free for everyone to use. It can be downloaded from http://www.rootkit.nl

Installation:
Change to /usr/local/src to download the package

#cd /usr/local/src
Download the package
#wget http://dfn.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.6.tar.gz
Untar the source
#tar -zxvf rkhunter-1.3.6.tar.gz
#cd rkhunter-1.3.6
Run the installer
#./installer.sh --layout default --install
Update the data files, then record the file properties baseline (do this on a system you know is clean, because later scans compare against it)
#/usr/local/bin/rkhunter --update
#/usr/local/bin/rkhunter --propupd
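
The download step above fetches the tarball over plain HTTP and its installer is then run as root, so it is worth checking the archive between the wget and tar steps. The script below is an added example, not part of the original post: the helper names `verify_sha256`, `member_list_safe` and `archive_paths_safe` are hypothetical, and the expected SHA-256 is assumed to come from a source you trust (this page does not give one).

```sh
#!/bin/sh
# Added example (not from the original post): check a downloaded source
# tarball before extracting it and running its installer as root.
# Assumption: the expected SHA-256 comes from a channel you trust.

# verify_sha256 FILE EXPECTED_HEX: returns 0 only if the digest matches.
verify_sha256() {
    [ -f "$1" ] || { echo "missing file: $1" >&2; return 1; }
    vs_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Reject anything that is not 64 hex digits (e.g. a placeholder).
    printf '%s\n' "$vs_want" | grep -Eq '^[0-9a-f]{64}$' ||
        { echo "expected value is not a SHA-256 digest" >&2; return 1; }
    vs_have=$(sha256sum "$1" | awk '{print $1}')
    [ "$vs_have" = "$vs_want" ] ||
        { echo "SHA-256 mismatch for $1" >&2; return 1; }
}

# member_list_safe: reads member names on stdin; fails if any name is
# absolute or has a ".." path component (it would escape the target dir).
member_list_safe() {
    if grep -E '^/|(^|/)\.\.(/|$)' >&2; then
        return 1
    fi
    return 0
}

# archive_paths_safe FILE: lists the gzip tarball without extracting it
# and applies member_list_safe to the member names.
archive_paths_safe() {
    aps_list=$(tar -tzf "$1" 2>/dev/null) ||
        { echo "cannot list archive: $1" >&2; return 1; }
    [ -n "$aps_list" ] || return 1
    printf '%s\n' "$aps_list" | member_list_safe
}

# Usage: sh check-tarball.sh rkhunter-1.3.6.tar.gz <expected-sha256>
if [ "$#" -eq 2 ]; then
    verify_sha256 "$1" "$2" && archive_paths_safe "$1" &&
        echo "OK to extract: $1"
fi
```

Any unsafe member names are printed to stderr, and the script exits non-zero if either check fails, so it can gate the tar and installer steps.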

Now add the cron entry:
#vi /etc/cron.daily/rkhunter.sh

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (Server_identification_id)'  Emailid_to_get_notifications

Securing the script
#chmod 700 /etc/cron.daily/rkhunter.sh

That's it. You can run it manually using the following command:
#rkhunter -c -sk
