Steps to install Rkhunter (Rootkit Hunter) on server – Linux

Before starting the Rkhunter installation, we should have an idea of what a "rootkit" is. A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and to enable continued privileged access to a computer. The word rootkit is a concatenation of "root" (the administrative privilege) and "kit" (the software kit). Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it.

Rkhunter (Rootkit Hunter) is an open-source scanner for Linux systems that checks for signs of a rootkit infection.
Follow the steps below to install Rkhunter.

Step 1: Downloading the latest version of Rkhunter.

# cd /tmp
# wget

Step 2: Installing Rkhunter.
Extract the tar file you have downloaded and install it by executing the following commands as the root user.

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh --layout default --install

Step 3: Updating Rkhunter.
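Update Rkhunter's data files, then populate its file properties database. Run --propupd only while the system is known to be clean, because it records the current files as the baseline for later scans.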

# /usr/local/bin/rkhunter --update
# /usr/local/bin/rkhunter --propupd

Done !!

Common usage
How to scan your Linux system for a "rootkit"?
You can manually check the system by using the switch -c (long form --check) with the Rkhunter tool. Either of the following commands runs the scan.

# rkhunter -c
# rkhunter --check

You can check the scan details in "/var/log/rkhunter.log".
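
One way to pull only the warnings out of that log, as an added example that is not part of the original post. It assumes the log's usual line shapes ("[HH:MM:SS] Warning: ..." messages and check lines ending in "[ Warning ]"); the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise warnings found in an rkhunter log.
# Assumed line shapes (not taken from the original page):
#   [HH:MM:SS] Warning: <message>
#   [HH:MM:SS]   <check or file name>      [ Warning ]

# Print one line per warning. Returns 1 if any warning was found,
# 0 if none, 2 if the log cannot be read.
rkhunter_warnings() {
    log="${1:-/var/log/rkhunter.log}"
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 2; }
    awk '
        { sub(/^\[[0-9:]+\] ?/, "") }                  # drop the timestamp
        /^Warning: / { print "MSG   " substr($0, 10); n++; next }
        /\[ Warning \][ \t]*$/ {                       # check flagged as Warning
            sub(/[ \t]*\[ Warning \][ \t]*$/, "")
            sub(/^[ \t]+/, "")
            print "CHECK " $0; n++
        }
        END { exit (n > 0) }
    ' "$log"
}

# Constructed sample log lines, so the example runs without a real scan.
sample_log() {
    cat <<'EOF'
[10:15:01] Info: Starting test name 'properties'
[10:15:02]   /usr/bin/curl                              [ Warning ]
[10:15:02] Warning: The file properties have changed:
[10:15:02]          File: /usr/bin/curl
[10:15:09]   Checking for passwd file changes           [ None found ]
EOF
}

tmp=$(mktemp)
sample_log > "$tmp"
rkhunter_warnings "$tmp" || echo "warnings present (status $?)"
rm -f "$tmp"
```

On a real server, call rkhunter_warnings with no argument to read /var/log/rkhunter.log; the non-zero status makes it easy to hook into a cron job or monitoring check.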

You can get more details by running rkhunter with the --help switch.

# rkhunter --help

That’s it 🙂 🙂

Arunlal Ashok