Steps to install Rkhunter (Rootkit hunter) on server – Linux

Before starting the Rkhunter installation, we should have an idea of what a ‘rootkit’ is. A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and to enable continued privileged access to a computer. The word rootkit is a concatenation of “root” (meaning administrative privilege) and “kit” (representing the software kit). Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it.

Rkhunter (Rootkit hunter) is an open-source scanner for Linux systems that checks whether any rootkit infection is present.
Follow the steps below to install Rkhunter.

Step 1: Downloading the latest version of Rkhunter.

# cd /tmp
# wget http://ncu.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz

Step 2: Installing Rkhunter.
Extract the tar file you have downloaded and install it by executing the following commands as the root user.

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh --layout default --install

Step 3: Updating Rkhunter.
Update Rkhunter's data files, then fill its file properties database, which later scans use as the baseline for comparison.

# /usr/local/bin/rkhunter --update
# /usr/local/bin/rkhunter --propupd

Done !!

Common usage
How to scan your Linux system for a “rootkit”?
You can manually check the system by using the -c switch with the Rkhunter tool.
Syntax:

# rkhunter -c
Or
# rkhunter --check

You can check the scan details in “/var/log/rkhunter.log”.
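
One way to pull the warnings out of that log after a scan, as an added example that is not part of the original post. The log line formats, the sample lines and the rkh_* function names are assumptions made for illustration:

```shell
# Added example: summarise the warnings in an rkhunter log.
# Assumed line formats: "[HH:MM:SS] Warning: <text>" for messages and
# "[HH:MM:SS]   <item>   [ Warning ]" for flagged checks.

# Print each "Warning:" message with its timestamp stripped.
rkh_warning_messages() {
    sed -n 's/^\[[0-9:]*] Warning: //p' "$1"
}

# Print how many "Warning:" messages the log holds.
rkh_warning_count() {
    rkh_warning_messages "$1" | wc -l | tr -d ' '
}

# Print the files or checks whose result column is "[ Warning ]".
rkh_flagged_items() {
    sed -n 's/^\[[0-9:]*] *\(.*[^ ]\) *\[ Warning ]$/\1/p' "$1"
}

# Return 0 if the log is clean, 1 if it has warnings, 2 if unreadable.
rkh_log_status() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    n=$(rkh_warning_count "$1")
    [ "$n" -gt 0 ] || { echo "no warnings in $1"; return 0; }
    echo "$n warning(s) in $1:"
    rkh_warning_messages "$1" | sed 's/^/  - /'
    return 1
}

# Write a constructed sample log (not real scan output) and print its path.
rkh_sample_log() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
[10:01:12] Checking system commands...
[10:01:15]   /usr/bin/awk                                  [ OK ]
[10:01:16]   /usr/bin/curl                                 [ Warning ]
[10:01:16] Warning: The file properties have changed:
[10:01:16]          File: /usr/bin/curl
[10:02:40]   Checking for passwd file changes              [ Warning ]
[10:02:40] Warning: User 'svc' has been added to the passwd file.
EOF
    echo "$f"
}

# Check the log named in $1, or the constructed sample if none is given.
demo=$(rkh_sample_log)
rkh_log_status "${1:-$demo}" || echo "(exit status $?)"
rm -f "$demo"
```

The non-zero return status of rkh_log_status makes it usable from a scheduled job that should alert only when a scan logged warnings.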

You can get more details by running rkhunter with the --help switch.

# rkhunter --help

That’s it 🙂 🙂


Arunlal Ashok

Cloud Infrastructure / DevOps Engineer. I'm dealing Linux servers since 2012. I started this blog to share and discuss my ideas.