Install RKHunter

[Nytro]

Install RKHunter

Product Name: RKHunter

Product Version: 1.3.6

Homepage: Rootkit.nl - Protect your machine

Description:

rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing MD5 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.

Step 1: Downloading, Installing and Updateing

cd /usr/local/src
wget http://dfn.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.6.tar.gz
wget http://dfn.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.6.tar.gz.sha1.txt
sha1sum -c rkhunter-1.3.6.tar.gz.sha1.txt
tar -zxvf rkhunter-1.3.6.tar.gz
cd rkhunter-1.3.6
./installer.sh --layout default --install
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --propupd
rm -Rf /usr/local/src/rkhunter*
cd

Step 2: Adding daily cron job

Step 2.1: Create run-file

nano -w /etc/cron.daily/rkhunter.sh

Step 2.2: Add this text to rkhunter.sh

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)' your@email.here

REMEMBER TO CHANGE (PutYourServerNameHere) AND your@email.here

Step 2.3: Chmod rkhunter.sh to root only

chmod 700 /etc/cron.daily/rkhunter.sh

There you go! should be installed, and you will get a mail daily with a status on your system

Sursa: Install RKHunter | SecureCentos.com

[download3r]

Very useful tutorial ! clear and simple.

Thank you Nytro