Everyone should have this tool. It's fantastic, and free! I'll show you how to install it.
What is Rootkit Hunter?
Rootkit Hunter is a great tool used to scan your server for rootkits and other nasty tools.
Read more for the installation guide.
Let's get to work..
Use the following commands to install Rootkit Hunter.
wget http://superb-east.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.2.9.tar.gz
tar zxf rkhunter-1.2.9.tar.gz
cd rkhunter-1.2.9
./installer.sh
Now thats installed, you'll want those logs..
Create a new file called "rkhunter" in your /etc/cron.daily folder.
nano /etc/cron.daily/rkhunter
Add this:
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'RootkitHunter Daily Run' put_your@email_here.com
You should change
put_your@email_here.com to a real e-mail address.
Save the file, and thats set. You'll now receive Rootkit Hunter's logs on a daily basis.
How to run it manually..
rkhunter -c
SOCIAL BOOKMARK -
Posted by Steven Sullivan on 30th April, 2006 - 18:25:00 GMT 1
Posted by NICE TRY on 20th February, 2007 at 20:42:45 GMT
I had a guy ask me to put a cd in and reboot. Luckily I looked at the cd and I noticed it had tools that said "view hidden files" root tools ISO something...I am not computer savvy however something didnt feel right with the way he asked me to do it. He said he just wanted to see if it was a bootable disc and he has a mac and couldnt test it. My question is should I be concerned?
2
Posted by Steven Sullivan on 20th February, 2007 at 21:40:43 GMT
You should always be concerned as disks' can automatically boot-up programs but if you knew the guy it shouldn't be that bad.
Your virus scanner should pick it up afterwards and block/fix it though.
