This article will help you install Rkhunter on Linux. Have you heard of RootKit Hunter (Rkhunter)? This tool scans for rootkits, backdoors, and local exploits by running tests like:
– MD5 hash compare
– Look for default files used by rootkits
– Wrong file permissions for binaries
– Look for suspected strings in LKM and KLD modules
– Look for hidden files
– Optional scan within plaintext and binary files
Follow the below steps to scan your system using RootKit Hunter.
1) Go to “/opt” and download the latest RootKit Hunter from here >> http://sourceforge.net/projects/rkhunter/
cd /opt
wget http://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz
tar -xvf rkhunter-1.4.2.tar.gz
cd rkhunter-1.4.2
(Please note that the above URL won’t always work, so you may need to find the correct package and download link from here >> http://sourceforge.net/projects/rkhunter/ )
2) Install RootKit Hunter by running the installer.sh script with the “--install” switch.
./installer.sh --install
3) Run the below command to update RootKit Hunter.
rkhunter --update
4) Run the below command to perform the scan. (Here -c checks the local system and -sk skips the keypress prompts.)
rkhunter -c -sk
That’s it. It will scan the local system and will give you a detailed output.
So that’s how you install rkhunter in Linux.
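Steps 1 and 2 fetch the tarball over plain HTTP from a mirror and then run its installer, so an integrity check like the one below can sit between them. This is an added example, not part of the original article or the rkhunter project; the function names are hypothetical, and EXPECTED_SHA256 is a placeholder for a digest you obtained separately over a trusted channel.

```shell
#!/bin/sh
# Added example (not from the original article): integrity gate for the
# tarball fetched in step 1, to run before step 2's installer.sh.

# Print the SHA-256 digest of a file as lowercase hex.
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# verify_tarball FILE EXPECTED_SHA256
# Returns 0 = digest matches, 1 = mismatch, 2 = unusable input.
verify_tarball() {
    vt_file=$1
    vt_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$vt_file" ] || { echo "no such file: $vt_file" >&2; return 2; }
    # Reject empty, placeholder or truncated digests instead of comparing them.
    case $vt_want in
        ''|*[!0-9a-f]*) echo "expected digest is not hex" >&2; return 2 ;;
    esac
    [ "${#vt_want}" -eq 64 ] || { echo "expected digest is not 64 hex chars" >&2; return 2; }
    vt_got=$(sha256_of "$vt_file") || return 2
    if [ "$vt_got" = "$vt_want" ]; then
        return 0
    fi
    echo "digest mismatch for $vt_file: got $vt_got" >&2
    return 1
}

# listing_is_safe: read member names (one per line) on stdin; fail if any
# name is absolute or contains a ".." path component.
listing_is_safe() {
    awk '/^\// || $0 == ".." || /^\.\.\// || /\/\.\.\// || /\/\.\.$/ { bad = 1 }
         END { exit bad + 0 }'
}

# tarball_paths_safe FILE: apply listing_is_safe to a gzip tarball's members.
# Returns 2 if the file cannot be listed as a gzip tarball at all.
tarball_paths_safe() {
    tp_list=$(tar -tzf "$1" 2>/dev/null) || return 2
    printf '%s\n' "$tp_list" | listing_is_safe
}

# Usage with the file name from step 1 (EXPECTED_SHA256 is a placeholder):
#   verify_tarball rkhunter-1.4.2.tar.gz "$EXPECTED_SHA256" &&
#   tarball_paths_safe rkhunter-1.4.2.tar.gz &&
#   tar -xzf rkhunter-1.4.2.tar.gz
```

If either check fails, delete the download and fetch it again from the project page rather than unpacking it.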