top of page

Setting up RKhunter on a Linux box and setup a Cron Job for rootkits

This on is quite easy, I use it all the time at work. How to install rkhunter!

Login to your server (via SSH and su to root)

cd /usr/local/src/

Go here and find the latest version.. Right now the latest version is 1.4.2

Download RKHunter


Extract files

tar -xzvf rkhunter*

cd rkhunter*

./ --install

Thats the section on how to install rkhunter done, next on to some things that will help you using rkhunter.

Daily reports using a cronjob

setup RKHunter to e-mail you you daily scan reports.

vi /etc/cron.daily/

Add the following

#!/bin/bash /usr/local/bin/rkhunter -c --cronjob 2>&1 |

mail -s "RKhunter Scan Details"

Replace the e-mail above with your e-mail!! It is best to send the e-mail to an e-mail off-site so that if the box IS compromised the hacker can’t erase the scan report unless he hacks another server too.

chmod +x /etc/cron.daily/

Next, update rkhunter so that all the components are the latest versions

rkhunter --update

Then you can run a scan against your system

rkhunter -c --sk --display-logfile

Once the scan completes you can go through the list produced and fix the various things!

Recent Posts 
Serach By Tags
No tags yet.
bottom of page