RKHunter Configuration Guide

Published January 23, 2010 by Siva

Rkhunter is a very useful tool that is used to check for trojans, rootkits, and other security problems. This tutorial will touch on installing and setting up a daily report for rkhunter.

Installing:

wget http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz

wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.3.6/rkhunter-1.3.6.tar.gz?use_mirror=nchc
tar -zxvf rkhunter-1.2.7.tar.gz
cd rkhunter-1.2.7
./installer.sh --layout /usr/local/rkhunter --install

Updating rkhunter

This fetches the latest database updates from the project's central server and matches your OS better, which helps prevent false positives:

rkhunter --update

Now you can run a test scan with the following command:

/usr/local/bin/rkhunter -c

How to set up a daily scan report?

vim /etc/cron.daily/rkhunter.sh

Add the following, replacing the email address with your own:

#!/bin/bash
/usr/local/bin/rkhunter --cronjob --rwo --nocolors | mail -s "Rkhunter daily run on `uname -n`" siva@example.com
exit 0

chmod +x /etc/cron.daily/rkhunter.sh
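
The script above sends a mail every day, even when the scan prints nothing, so real warnings are easy to miss in the noise. The variant below is an added example, not part of the original post: it mails only when rkhunter prints warnings or exits non-zero, and puts the exit status in the body. The RKHUNTER, MAILER and RECIPIENT variables and the daily_report function are names assumed for this example; the defaults are the path and address used in this guide.

```shell
#!/bin/bash
# Added example: variant of /etc/cron.daily/rkhunter.sh that stays quiet on
# clean runs. RKHUNTER, MAILER and RECIPIENT are overridable assumptions.
RKHUNTER="${RKHUNTER:-/usr/local/bin/rkhunter}"
MAILER="${MAILER:-mail}"
RECIPIENT="${RECIPIENT:-siva@example.com}"

# Run the scan and echo the action taken: "clean", "mailed" or "mail-failed".
daily_report() {
    local out rc host
    host="$(uname -n)"
    # --rwo prints warnings only, so empty output with exit 0 is a clean run.
    out="$("$RKHUNTER" --cronjob --rwo --nocolors 2>&1)" && rc=0 || rc=$?
    if [ -z "$out" ] && [ "$rc" -eq 0 ]; then
        echo clean
        return 0
    fi
    # Include the exit status so a crashed or missing scanner is not mistaken
    # for a quiet one.
    if printf 'rkhunter exit status: %s\n\n%s\n' "$rc" "$out" |
        "$MAILER" -s "Rkhunter WARNINGS on $host" "$RECIPIENT"; then
        echo mailed
    else
        echo mail-failed
        return 1
    fi
}

# Scan only when the binary is installed; otherwise complain on stderr, which
# cron forwards to the job owner.
if [ -x "$RKHUNTER" ]; then
    daily_report >/dev/null
else
    echo "rkhunter not found at $RKHUNTER" >&2
fi
```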
