Steps to install Rkhunter (Rootkit Hunter) on a Linux server

Before installing Rkhunter, it helps to know what a rootkit is. A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and to enable continued privileged access to a computer. The word rootkit is a concatenation of “root” (the administrative privilege) and “kit” (the software kit). Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it.

Rkhunter (Rootkit Hunter) is an open-source scanner that checks a Linux system for signs of rootkit infection.
Follow the steps below to install it.

Step 1 : Downloading the latest version of Rkhunter.

# cd /tmp
# wget

Step 2 : Installing Rkhunter.
Extract the downloaded tar file and run the installer with the following commands as the root user.

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh --layout default --install

Step 3: Updating Rkhunter.
Update Rkhunter's data files, then populate its file properties database.

# /usr/local/bin/rkhunter --update
# /usr/local/bin/rkhunter --propupd

Done !!

Common usage
How do you scan your Linux system for rootkits?
You can run a manual check with the -c switch (long form --check); the two commands below are equivalent.

# rkhunter -c
# rkhunter --check

The scan details are written to “/var/log/rkhunter.log”.
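
The log is long, and the lines that matter after a scan are the ones marked as warnings. The script below is an added example, not part of the original post or of Rkhunter itself: it pulls those lines out of a log file. The function names are hypothetical and the sample log is constructed in Rkhunter's log layout.

```shell
#!/bin/sh
# Added example: pull the warnings out of an rkhunter log.
# Function names are hypothetical; the sample log below is constructed.

# Print lines rkhunter marked as warnings: check results ending in
# "[ Warning ]" and the "Warning:" detail lines that explain them.
rkh_warnings() {
    grep -E '\[ Warning \][[:space:]]*$|^\[[0-9:]+\][[:space:]]+Warning:' "$1"
}

# Count the checks flagged "[ Warning ]"; prints 0 for a clean log.
rkh_warning_count() {
    grep -cE '\[ Warning \][[:space:]]*$' "$1" || true
}

# Constructed sample in rkhunter's log layout (not from a real scan).
rkh_sample_log() {
cat <<'EOF'
[10:15:20] Info: Starting test name 'properties'
[10:15:21]   /usr/bin/awk                                    [ OK ]
[10:15:22]   /usr/bin/lwp-request                            [ Warning ]
[10:15:22] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable
[10:15:30]   Checking for passwd file changes                [ Warning ]
[10:15:30] Warning: Unable to check for passwd file differences: no copy of the passwd file exists.
[10:15:40]   Checking for hidden files and directories       [ None found ]
EOF
}

# Use the log named on the command line, else the constructed sample.
log=${1:-}
if [ -z "$log" ]; then
    log=$(mktemp)
    rkh_sample_log > "$log"
    cleanup=yes
fi
echo "checks flagged: $(rkh_warning_count "$log")"
rkh_warnings "$log" || echo "no warnings found"
if [ "${cleanup:-no}" = yes ]; then rm -f "$log"; fi
```

Pass /var/log/rkhunter.log as the first argument (as root) to triage a real scan; each flagged check is usually followed by a "Warning:" line explaining why it was flagged.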

For more options, run rkhunter with the --help switch.

# rkhunter --help

That’s it 🙂 🙂


Arunlal Ashok
