Monday, October 22, 2012

How to install and use Rkhunter

rkhunter is a shell script which carries out various checks on the local system to try and detect known rootkits and malware. It also performs checks to see if commands have been modified, if the system startup files have been modified, and various checks on the network interfaces, including checks for listening applications. 

rkhunter has been written to be as generic as possible, and so should run on most Linux and UNIX systems. It is provided with some support scripts should certain commands be missing from the system, and some of these are Perl scripts. rkhunter does require certain commands to be present for it to be able to execute. Additionally, some tests require specific commands, but if these are not present then the test will be skipped. rkhunter needs to be run under a Bourne-type shell, typically bash or ksh. rkhunter can be run as a cron job or from the command-line.

INSTALLATION

1. cd /usr/local/src ;
2. wget -O rkhunter-1.4.0.tar.gz http://sourceforge.net/projects/rkhunter/files/latest/download ;
3. tar -xzvf rkhunter-1.4.0.tar.gz ;
4. rm -f rkhunter-1.4.0.tar.gz ;
5. cd rkhunter-1.4.0 ;
6. sh installer.sh --layout /usr --install ;
7. rkhunter --update ;

USAGE

# rkhunter -c --sk
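
Since rkhunter can also be run as a cron job, here is a wrapper for unattended scans. It is an added example, not part of the original post or of rkhunter itself. The log path /var/log/rkhunter.log, the function names and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: cron wrapper around rkhunter (not from the original post).
# Assumption: rkhunter writes its log to /var/log/rkhunter.log.
LOGFILE="${RKH_LOG:-/var/log/rkhunter.log}"

# Print the text of every "Warning:" detail line in an rkhunter log.
# Detail lines look like "[HH:MM:SS] Warning: <text>"; result lines that
# merely end in "[ Warning ]" are skipped so each finding is listed once.
list_warnings() {
    sed -n 's/^\[[0-9:]*][[:space:]]*Warning:[[:space:]]*//p' "$1"
}

count_warnings() {
    list_warnings "$1" | wc -l | tr -d ' '
}

# Non-interactive scan. --cronjob implies --check and --skip-keypress (the
# long forms of the -c --sk used above). Scan output is discarded and the
# findings are read back from the log, so cron mails only a short summary.
run_scan() {
    rkhunter --cronjob >/dev/null 2>&1
    rc=$?
    n=$(count_warnings "$LOGFILE")
    if [ "$rc" -ne 0 ] || [ "$n" -gt 0 ]; then
        echo "rkhunter on $(hostname): exit code $rc, $n warning(s) in $LOGFILE"
        list_warnings "$LOGFILE"
        return 1
    fi
    return 0
}

# Constructed sample log, for trying the parser without running a scan.
write_sample_log() {
    cat > "$1" <<'EOF'
[10:02:10]   /usr/bin/ls                                     [ OK ]
[10:02:11]   /usr/bin/lwp-request                            [ Warning ]
[10:02:11] Warning: The command '/usr/bin/lwp-request' has been replaced by a script
[10:02:40] Info: Starting test name 'startup_files'
[10:02:41] Warning: Hidden directory found: /dev/.udev
EOF
}

# Run the scan only when asked to, e.g. from a crontab entry.
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```

Saved under a name of your choosing and called with --run from root's crontab, it produces output (and so cron mail) only when a scan needs review.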
