Steps to install Rkhunter (Rootkit hunter) on server – Linux

Before starting the Rkhunter installation, it helps to understand what a rootkit is. A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and to enable continued privileged access to a computer. The word rootkit is a concatenation of “root” (meaning the administrative privilege) and “kit” (representing the software kit). Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it.

Rkhunter (Rootkit hunter) is an open-source scanner that checks a Linux system for signs of rootkit infection.
Follow the steps below to install Rkhunter.

Step 1: Downloading the latest version of Rkhunter.

# cd /tmp
# wget http://ncu.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz

Step 2: Installing Rkhunter.
Extract the tar file you downloaded and install it by running the following commands as the root user.

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh --layout default --install

Step 3: Updating Rkhunter.
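Update Rkhunter's data files, then build the file properties database, which stores the current properties of system files as the baseline for later scans.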

# /usr/local/bin/rkhunter --update
# /usr/local/bin/rkhunter --propupd

Done !!

Common usage
How to scan your Linux system for a “rootkit”?
You can scan the system manually by running rkhunter with the -c switch.
Syntax:

# rkhunter -c
Or
# rkhunter --check

You can check the scan details in “/var/log/rkhunter.log”.
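The log is long, and the lines that matter are the warnings. The script below is an added example, not part of the original post: it pulls each warning and its detail lines out of the log, assuming the usual layout ("[HH:MM:SS] Warning: ..." with indented detail lines under it). The function names and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list the warnings in an rkhunter log.
# Assumed log layout: "[HH:MM:SS] Warning: <text>", detail lines indented below it.

# Print every warning entry together with its indented detail lines.
rkhunter_warnings() {
    [ -r "$1" ] || { echo "cannot read log: $1" >&2; return 2; }
    awk '
        /^\[[0-9:]+\] Warning: / { inwarn = 1; print; next }
        # Detail line: indented and not a check result ending in "[ OK ]" etc.
        inwarn && /^\[[0-9:]+\]  / && !/\]$/ { print; next }
        { inwarn = 0 }
    ' "$1"
}

# Print the number of warning entries (detail lines are not counted).
rkhunter_warning_count() {
    [ -r "$1" ] || { echo "cannot read log: $1" >&2; return 2; }
    awk '/^\[[0-9:]+\] Warning: / { n++ } END { print n + 0 }' "$1"
}

# Constructed sample log for illustration, not real scan output.
sample_log() {
    cat <<'EOF'
[10:15:01] Performing file properties checks
[10:15:02]   /usr/bin/awk                                    [ OK ]
[10:15:02]   /usr/bin/ldd                                    [ Warning ]
[10:15:02] Warning: The file properties have changed:
[10:15:02]          File: /usr/bin/ldd
[10:15:02]          Current inode: 1234    Stored inode: 5678
[10:15:03]   /usr/bin/find                                   [ OK ]
[10:15:09] Warning: Hidden directory found: /dev/.example
[10:15:10] System checks summary
EOF
}

# Stand-alone run: read the log given as $1, else the constructed sample.
if [ -n "${1:-}" ]; then log=$1; else log=$(mktemp); sample_log > "$log"; fi
rkhunter_warnings "$log"
echo "warning entries: $(rkhunter_warning_count "$log")"
[ -n "${1:-}" ] || rm -f "$log"
```

Run it as root with /var/log/rkhunter.log as the argument after a scan. For scheduled scans, rkhunter's own --cronjob and --report-warnings-only options give warnings-only output directly.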

You will get more details by running rkhunter with the --help switch.

# rkhunter --help

That’s it 🙂 🙂

Arunlal A

Senior System Developer at Zeta. Linux lover. Traveller.