
rkhunter Linux security checker

Written by Mel Kham on . Posted in Linux tutorials

Rootkit scanner is a scanning tool that assures you, to about 99.9%*, that your system is clean of nasty tools. It scans for rootkits, backdoors and local exploits by running tests such as:

– MD5 hash compare
– Look for default files used by rootkits
– Wrong file permissions for binaries
– Look for suspected strings in LKM and KLD modules
– Look for hidden files
– Optional scan within plaintext and binary files

The features of the latest version, 1.3.4:

  • Added IntoXonia-NG rootkit check.

  • Added Phalanx2 rootkit check.

  • Added support for TCB shadow files.

  • The ‘--propupd’ option can now take an optional file, directory or package name after it.

  • Revised file properties inode check.

  • Tests against the SSH configuration file now accept the key/value pair.

  • Improved the O/S name detection.

  • The Linux ‘os_specific’ test has now been split into two separate tests.

  • Improved ALLOWPROCDELFILE configuration option.

  • Improved hidden files and directories check.

  • The DBDIR directory can now be read-only, after installation.

  • Improved debug file option.

  • The system startup file and directory tests have now been merged.

Download, extract


Install using the command (see also the screenshot below):

[root@test1 rkhunter-1.3.4]# ./installer.sh --layout oldschool --install


Start the scan

[root@test1 rkhunter-1.3.4]# rkhunter -c

All results have been written to the logfile (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.

Please check the log file (/var/log/rkhunter.log)


Finally, you can add rkhunter to your cron jobs so that it sends a daily report to your email.

# vi /etc/cron.daily/rkhunter.sh

Add:

#!/bin/bash
# Run the scan non-interactively and mail the combined stdout/stderr output.
(/usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "today Rkhunter Scan Report" Your_email@example.com)

Then

chmod +x /etc/cron.daily/rkhunter.sh
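
A variant of the cron job above that mails only when the log contains warnings, so a daily "all clear" message does not train you to ignore the report. This is an added example, not part of the original tutorial; the function names are hypothetical and the log line layout is an assumption modelled on /var/log/rkhunter.log, with a constructed sample log embedded for the demo.

```shell
#!/bin/bash
# Added example: mail the rkhunter result only when the log holds warnings.
# Function names are hypothetical; the "[HH:MM:SS] Warning: ..." layout is
# an assumption modelled on /var/log/rkhunter.log.

# Print each warning message from the log, with the timestamp stripped.
rkh_warnings() {
    sed -n 's/^\[[0-9:]*\] Warning: //p' "$1"
}

# Print a short report; return 1 and print nothing when the log is clean.
rkh_summary() {
    local log=$1 count
    count=$(rkh_warnings "$log" | wc -l | tr -d ' ')
    [ "$count" -gt 0 ] || return 1
    echo "$count warning(s) in $log on $(uname -n):"
    rkh_warnings "$log" | sed 's/^/  - /'
}

# Scan, then mail the summary only if there is one. Not called in the demo;
# call it from /etc/cron.daily/rkhunter.sh as: rkh_daily Your_email@example.com
rkh_daily() {
    local log=/var/log/rkhunter.log body
    # The exit status is ignored on purpose: the log is what gets parsed.
    /usr/local/bin/rkhunter -c --cronjob >/dev/null 2>&1 || true
    body=$(rkh_summary "$log") || return 0
    echo "$body" | mail -s "Rkhunter warnings" "$1"
}

# Constructed sample log for the demo below (not real scan output).
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
[03:10:01] Info: Starting test name 'properties'
[03:10:02]   /usr/bin/ldd                                    [ OK ]
[03:10:02]   /usr/bin/lwp-request                            [ Warning ]
[03:10:02] Warning: The command '/usr/bin/lwp-request' has been replaced by a script
[03:10:09]   Checking for hidden files and directories       [ Warning ]
[03:10:09] Warning: Hidden directory found: /dev/.udev
[03:10:15] Info: End of constructed sample
EOF

# Demo: prints a two-item report for the sample log.
rkh_summary "$SAMPLE_LOG"
```
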


For any questions, please post them in the forum.


Links:

  • http://www.webhostgear.com

  • http://rkhunter.sourceforge.net

For questions please refer to our Q/A forum at: http://ask.unixmen.com

  • newbie

    I’m new to Linux and especially openSUSE KDE, so I was wondering if you can do a step-by-step tutorial on how to install rkhunter (or any rootkit/intruder detector software) via the repos.

    Thanks in advance, great website by the way. :)

Copyright © 2008-2013 Unixmen.com .