Rootkit Hunter (rkhunter) is a small tool for Linux to scan rootkits, backdoors and local exploits. As the name implies, you can use it to scan rootkits on your system automatically. This article will guide you to install rkhunter on CentOS 6.
Install rkhunter on CentOS 6
Table of Contents
First, you need to install the epel repository. Type the command below:
yum install epel-release -yNext, type the following command to install rkhunter:
yum install rkhunter -yAfter the installation, we need to update the database for rkhunter, you type:
rkhunter --update
Update the properties file. This is necessary, at the first install, when you run the propupd command, rkhunter will create a database file. In subsequent scans, rkhunter will compare the current file in the system with this database file to detect the change.
rkhunter --propupdUse rkhunter manually
To use manual scan rkhunter then you can type the command below. With this command, whenever the rkhunter finishes a part of the scan, you need to press “Enter” to continue.
rkhunter -cTo automatically ignore the “Enter” between scan sections, you can use -sk as the command below.
rkhunter -c -skAnd the result look like this.
Use rkhunter automatically
At the time I wrote this article, I was using rkhunter version 1.4.6 and this version has automatically added scripts scanned daily for you.
The only thing you need to set up is to open the /etc/sysconfig/rkhunter file and edit your email address to the MAILTO line.
Conclusion
With this article, hopefully you can successfully install rkhunter on your system. Using rkhunter can make your system more secure and you can also rest assured.
(This is an article from my old blog that has been inactive for a long time, I don’t want to throw it away so I will keep it and hope it helps someone).
