Linux Rootkit Security WGET

Checking your Linux system for Rootkits

Chkrootkit is a tool to locally check for signs of a rootkit
2) Check the md5checksum:

md5sum chkrootkit.tar.gz

3) Then extract and install:

tar -zxvf chkrootkit.tar.gz
cd chkrootkit
make sense

4) You can run it with the following command:


5) Now we are going to add it to contrab to schedule daily automatic scans in the system:

vi /etc/cron.daily/

# Enter the directory where the rootkit is installed
cd /root/chkrootkit/
# Enter your email address where you want to receive the report
./chkrootkit | mail -s “Daily chkrootkit from Server Name”

6) Now change the file permissions so we can run it: chmod 755 /etc/cron.daily/
7) To give it a try you can run the file manually from /etc/cron.daily directory and you should receive a report to the email account you provided.