Saturday, February 9, 2013

CHKRootKit –Detects hacker software and notifies via email

Please keep in mind that, you can use chkrootkit to find the files and processes associated with a rootkit, but you can’t be 100% sure that all pieces of rootkits are found and removed. You can safeguard your system from rootkits by ensuring that all applications and softwares are up-to-date and the system kept patched against all known vulnerabilities.

cd /usr/local/src
tar -xvzf chkrootkit.tar.gz
cd chkrootkit-*/
make sense
cd ..
echo "CHRootKit has been installed!"

Enable Automatic Server Scanning

You can add a cron entry for running chkrootkit automatically and send a scan report to your mail address. Create and add the following entries to “/etc/cron.daily/”

) | /bin/mail -s ‘CHROOTKIT Daily Run (ServerName)’

No comments:

Post a Comment