Announcement

Collapse
No announcement yet.

Install RKHunter in centos

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Install RKHunter in centos

    This post explains how to install RKHunter in Linux. Rootkit scanner is a scanning tool. This tool scans for rootkits, backdoors and local exploits by running tests like:

    - MD5 hash compare
    - Look for default files used by rootkits
    - Wrong file permissions for binaries
    - Look for suspected strings in LKM and KLD modules
    - Look for hidden files
    - Optional scan within plaintext and binary files

    Rootkit Hunter is released as GPL licensed project and free for everyone to use. Can be downloaded from
    Code:
    http://www.rootkit.nl


    Installation:
    Change to usr/local/src to download the package

    Code:
    #cd /usr/local/src
    Download the package
    #wget [url]http://dfn.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.6.tar.gz[/url]
    Untar the source
    #tar -zxvf rkhunter-1.3.6.tar.gz
    #cd rkhunter-1.3.6
    #./installer.sh --layout default --install
    #/usr/local/bin/rkhunter --update
    /#usr/local/bin/rkhunter --propupd
    Now adding the cron entry :
    Code:
    #vi  /etc/cron.daily/rkhunter.sh
    
    #!/bin/sh
    (
    /usr/local/bin/rkhunter --versioncheck
    /usr/local/bin/rkhunter --update
    /usr/local/bin/rkhunter --cronjob --report-warnings-only
    ) | /bin/mail -s 'rkhunter Daily Run (Server_identification_id)'  Emailid_to_get_notifications
    Securing the script
    Code:
    #chmod 700 /etc/cron.daily/rkhunter.sh
    Thats it. You can run it manually using the following command :
    #rkhunter -c -sk
    Last edited by kuldeep; 02-25-2015, 10:38 PM.
Working...
X