Setting up RKhunter on a Linux box and a cron job to scan for rootkits
This one is quite easy; I use it all the time at work. How to install rkhunter!
Log in to your server (via SSH and su to root)
Go here and find the latest version. Right now the latest version is 1.4.2
tar -xzvf rkhunter*
That's the section on how to install rkhunter done; next, on to some things that will help you when using rkhunter.
Daily reports using a cronjob
Set up RKHunter to e-mail you daily scan reports.
Add the following to /etc/cron.daily/rkhunter.sh:
#!/bin/bash
/usr/local/bin/rkhunter -c --cronjob 2>&1 |
mail -s "RKhunter Scan Details" firstname.lastname@example.org
Replace the e-mail address above with your own! It is best to send the report to an off-site address, so that if the box IS compromised the hacker can't erase the scan report unless he hacks another server too.
chmod +x /etc/cron.daily/rkhunter.sh
Next, update rkhunter so that all the components are the latest versions
Then you can run a scan against your system
rkhunter -c --sk --display-logfile
Once the scan completes you can go through the list produced and fix the various things!
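As an added example (not from the original post), the daily cron report above can be reduced to its warning lines, so that a mail is only sent when there is something to go through and fix. The function names, the host name and the sample scan output are constructed for illustration.

```bash
#!/bin/bash
# Added example, not part of the original post: mail the daily scan only when
# it contains warnings. Function names and sample output are constructed.

# Keep only warning lines. Accepts console output ("Warning: ...") and
# rkhunter.log lines ("[HH:MM:SS] Warning: ..."), stripping the timestamp.
rkh_warnings() {
    sed -nE 's/^(\[[0-9:]+\][[:space:]]*)?Warning:[[:space:]]*/Warning: /p'
}

# Read scan output on stdin. If it holds warnings, print a report whose first
# line is a subject ("RKhunter: N warning(s) on HOST") and return 0;
# otherwise print nothing and return 1 so the caller can skip the mail.
rkh_report() {
    local host=$1 warnings count
    warnings=$(rkh_warnings)
    [ -n "$warnings" ] || return 1
    count=$(printf '%s\n' "$warnings" | wc -l | tr -d '[:space:]')
    printf 'RKhunter: %s warning(s) on %s\n%s\n' "$count" "$host" "$warnings"
}

# Constructed sample of scan output, so this file runs offline.
sample_scan() {
    cat <<'EOF'
[03:10:41] Checking for hidden files and directories [ Warning ]
[03:10:41] Warning: Hidden directory found: /dev/.example
[03:10:52] Checking if SSH root access is allowed [ Warning ]
[03:10:52] Warning: The SSH and rkhunter configuration options should be the same
[03:11:02] Info: End of constructed sample
EOF
}

# In the cron script, feed the real scan instead of sample_scan:
#   report=$(/usr/local/bin/rkhunter -c --cronjob 2>&1 | rkh_report "$(hostname)") &&
#     printf '%s\n' "$report" | sed 1d |
#     mail -s "$(printf '%s\n' "$report" | head -n 1)" firstname.lastname@example.org
if report=$(sample_scan | rkh_report demo-host); then
    printf '%s\n' "$report"
fi
```

On Debian and Ubuntu, run-parts skips files in /etc/cron.daily whose names contain a dot, so a script named rkhunter.sh will not run there unless it is installed without the .sh suffix.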