Saturday, February 9, 2013

RootKit Hunter – A tool which scans for backdoors and malicious softwares present in the server.

Rkhunter (Rootkit Hunter) is an open source Unix/Linux based scanner tool for Linux systems released under GPL that scans backdoors, rootkits and local exploits on your systems. It scans hidden files, wrong permissions set on binaries, suspicious strings in kernel etc. To know more about Rkhunter and its features visit


cd /usr/local/src
tar -xzvf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./ --install
rkhunter --check
echo "Rkhunter successfully installed!"
log : /var/log/rkhunter.log

To update it
rkhunter --update
rkhunter --propupd

set crontab to scan and email the report

/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)'

No comments:

Post a Comment