There was a problem loading the comments.

Install RKHunter on CentOS or cPanel

Support Portal  »  Knowledgebase  »  Viewing Article

  Print

Install RKHunter on CentOS or cPanel

RKHunter is a software that is used to scan for rootkits, backdoors and possible local exploits. A rootkit is a malicious software which is capable of having administrator-level access to a computer or network. The rootkit allows the hackers to take the control of a system without the user knowing it. This post will help you to install rkhunter on CentOS.

Install RKHunter on CentOS


How to check the rkhunter version is up-to-date

 
[email protected] [~]# rkhunter --versioncheck
[ Rootkit Hunter version 1.4.2 ]

Checking rkhunter version...
 This version : 1.4.2
 Latest version: 1.4.2
[email protected] [~]#

Check for updates to database files

 
[email protected] [~]# rkhunter --update
[ Rootkit Hunter version 1.4.2 ]

Checking rkhunter data files...
 Checking file mirrors.dat [ No update ]
 Checking file programs_bad.dat [ No update ]
 Checking file backdoorports.dat [ No update ]
 Checking file suspscan.dat [ No update ]
 Checking file i18n/cn [ No update ]
 Checking file i18n/de [ No update ]
 Checking file i18n/en [ No update ]
 Checking file i18n/tr [ No update ]
 Checking file i18n/tr.utf8 [ No update ]
 Checking file i18n/zh [ No update ]
 Checking file i18n/zh.utf8 [ No update ]
[email protected] [~]#

Update the entire file properties database

 
[email protected] [~]# rkhunter --propupd
[ Rootkit Hunter version 1.4.2 ]
File created: searched for 172 files, found 145
[email protected] [~]#

How to setup a daily RKHunter scan

Create a file under the directory “/etc/cron.daily/”

 
vim /etc/cron.daily/rkhunter.sh

Put the following script into that file.

 
#!/bin/bash
rm -rf /usr/local/src/SCAN
mkdir /usr/local/src/SCAN
SCAN=/usr/local/src/SCAN
cd $SCAN
/usr/local/bin/rkhunter -c --sk -q --summary > $SCAN/scan-rkhunter.log
sed -n '/Rootkit checks/,/Suspect applications/p' $SCAN/scan-rkhunter.log | mail -s "Rkhunter Scan Report" [email protected]

Make it executable

 
chmod +x /etc/cron.daily/rkhunter.sh

That’s it!


Share via

Related Articles

Copyright © 2023 TheGigabit. All right reserved. Reg.No: 200701034297 (792326-P)