Rootkit Hunter


Rootkit Hunter is a security monitoring and analyzing tool for POSIX-compliant systems. The rootkit scanner ensures that you are about 99.9% clean of nasty tools. This tool scans for rootkits, backdoors and local exploits. Rootkit Hunter is released as a GPL-licensed project and is free for everyone to use.
The homepage and download site is:


rkhunter.sourceforge.net


Download the latest version and unpack into /usr/local/share/modules (create the directory if necessary) and run installer.sh.

rkhunter is now installed in /usr/local/bin/rkhunter.
Run a basic check with:


/usr/local/bin/rkhunter -c --report-mode --createlogfile --skip-keypress


To run it at 2am each day and mail the output to root, add to cron:


0 2 * * * /usr/local/bin/rkhunter -c --cronjob | mail -s "hostname rootkit hunter" root


Replace 'hostname' with the server name. You need a forwarder for root to send the mail to your email address.
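
An added example, not part of the original page or of rkhunter: a wrapper script for the cron job above that fills in the host name itself and keeps rkhunter's exit status, which the pipe to mail discards. It assumes rkhunter exits non-zero when it reports warnings; the RKHUNTER, MAILER and RCPT variables and the --run switch are names chosen for this example.

```shell
#!/bin/sh
# Added example: cron wrapper around the rkhunter job (not part of rkhunter).
# Assumption: the scanner exits non-zero when it reports warnings or cannot run.
RKHUNTER="${RKHUNTER:-/usr/local/bin/rkhunter}"   # install path given on this page
MAILER="${MAILER:-mail}"
RCPT="${RCPT:-root}"

# scan_subject STATUS HOST: subject line that shows the outcome at a glance.
scan_subject() {
    case "$1" in
        0)       echo "$2 rootkit hunter: OK" ;;
        126|127) echo "$2 rootkit hunter: SCANNER MISSING" ;;
        *)       echo "$2 rootkit hunter: WARNINGS (exit $1)" ;;
    esac
}

# run_scan: run the scanner, keep its exit status (in "cmd | mail" the
# pipeline status is mail's, not the scanner's) and mail the captured report.
run_scan() {
    host=$(uname -n)                      # real host name, nothing to edit by hand
    report=$(mktemp) || return 1
    status=0
    "$RKHUNTER" -c --cronjob >"$report" 2>&1 || status=$?
    # Never send a blank mail: say explicitly that the scan printed nothing.
    [ -s "$report" ] || echo "rkhunter produced no output (exit $status)" >"$report"
    "$MAILER" -s "$(scan_subject "$status" "$host")" "$RCPT" <"$report"
    rm -f "$report"
    return "$status"
}

# Cron calls the script with --run; without it the file only defines functions.
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```

Saved under a path of your choice (for example /usr/local/sbin/rkhunter-cron, a hypothetical name), the cron entry becomes: 0 2 * * * /usr/local/sbin/rkhunter-cron --run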