Install RootKit Hunter

How to install Latest RootKit Hunter ?



Today we will learn how to install latest released version of RootKit Hunter . Below i have provided a detailed information regarding RootKit Hunter

- Description

- Rootkit scanner

- Project information

Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

Rootkit Hunter is released as GPL licensed project and free for everyone to use.

* No, not really 99.9%.. It's just another security layer

System requirements:

- Compatible operating system (see 'Supported operating systems')
- Bourne Again Shell (BASH)

Supported operating systems

Supported:
- Most Linux distributions
- Most *BSD distributions

Currently unsupported:
- NetBSD

Tested on:
- AIX 4.1.5 / 4.3.3
- ALT Linux
- Aurora Linux
- CentOS 3.1 / 4.0 / 5.x / 6.x
- Conectiva Linux 6.0
- Debian 3.x / 4.0 / 5.x / 6.x
- FreeBSD 4.3 / 4.4 / 4.7 / 4.8 / 4.9 / 4.10
- FreeBSD 5.0 / 5.1 / 5.2 / 5.2.1 / 5.3
- Fedora Core 1 / Core 2 / Core 3
- Gentoo 1.4, 2004.0, 2004.1
- Macintosh OS 10.3.4-10.3.8
- Mandrake 8.1 / 8.2 / 9.0-9.2 / 10.0 / 10.1
- OpenBSD 3.4 / 3.5
- Red Hat Linux 7.0-7.3 / 8 / 9
- Red Hat Enterprise Linux 2.1 / 3.0
- Slackware 9.0 / 9.1 / 10.0 / 10.1
- SME 6.0
- Solaris (SunOS)
- SuSE 7.3 / 8.0-8.2 / 9.0-9.2
- Ubuntu
- Yellow Dog Linux 3.0 / 3.01

Confirmed to work also on:
- CLFS
- DaNix (Debian clone)
- PCLinuxOS
- VectorLinux SOHO 3.2 / 4.0
- CPUBuilders Linux
- Virtuozzo (VPS)


Extra information

'Supported' rootkits/backdoors/LKM's/worms:
[blockquote]
55808 Trojan - Variant A
ADM W0rm
AjaKit
aPa Kit
Apache Worm
Ambient (ark) Rootkit
Balaur Rootkit
BeastKit
beX2
BOBKit
CiNIK Worm (Slapper.B variant)
Danny-Boy's Abuse Kit
Devil RootKit
Dica
Dreams Rootkit
Duarawkz Rootkit
Flea Linux Rootkit
FreeBSD Rootkit
Fuck`it Rootkit
GasKit
Heroin LKM
HjC Rootkit
ignoKit
ImperalsS-FBRK
Irix Rootkit
Kitko
Knark
Li0n Worm
Lockit / LJK2
mod_rootme (Apache backdoor)
MRK
Ni0 Rootkit
NSDAP (RootKit for SunOS)
Optic Kit (Tux)
Oz Rootkit
Portacelo
R3dstorm Toolkit
RH-Sharpe's rootkit
RSHA's rootkit
Scalper Worm
Shutdown
SHV4 Rootkit
SHV5 Rootkit
Sin Rootkit
Slapper
Sneakin Rootkit
Suckit
SunOS Rootkit
Superkit
TBD (Telnet BackDoor)
TeLeKiT
T0rn Rootkit
Trojanit Kit
URK (Universal RootKit)
VcKit
Volc Rootkit
X-Org SunOS Rootkit
zaRwT.KiT Rootkit

and... some known/unknown sniffers, backdoors like:
Anti Anti-sniffer
LuCe LKM
THC Backdoor

INSTALLATION PROCEDURE :

Login in SSH through Putty Software . Login as root user

Step 1: Download rkhunter.

 - Download latest Release of RootKit Hunter Script at http://sourceforge.net/projects/rkhunter/ with WGETcommand.

Code :                                                                                                                               Selece All
# cd /usr/local/src
# wget http://sourceforge.net/projects/rkhunter/files/latest/download


Step 2: Extract rkhunter.

- UNTAR the download latest tar.gz file.

Code :                                                                                                                              Select All
          # tar -zxvf rkhunter-1.3.8.tar.gz


Step 3: Install rkhunter.

Code :                                                                                                                                Select All
       # cd rkhunter-1.3.8
       # sh installer.sh --install

Step 4: Update rkhunter.

Code :                                                                                                                               Select All
# rkhunter --update

Step 5:Adding daily cron job.


- If you want get a mail daily with a status on your system, you need to do the following in steps:
Create file rkhunter.sh.

Code :                                                                                                                             Select All
       # nano /etc/cron.daily/rkhunter.sh

- Add the following code.

Code :                                                                                                                             Select All
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run' [email protected]
 

- Press Ctrl + X And Press Enter to save the edited file.
- Replace [email protected] above with your email.

- Set execute permission for rkhunter.sh.

Code :                                                                                                                           Select All
           # chmod +x /etc/cron.daily/rkhunter.sh
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Introducing cPanel

cPanel is a Unix based web hosting control panel that provides a graphical interface and...

Dedicated IP

A Shared Hosting Client can Order an Extra Dedicated IP for a SSL or Dedicated IP for...

Lost Data?

Backups and Data Loss :Inetwebhost is not responsible for files and/or data residing on your...

Kloxo FileManager

Using the File Manager for File Uploads :Instead of uploading your files through the Kloxo...

Install Fantastico on cPanel / WHM

How to install Fantastico on cPanel/WHM ? You don't need to download any files in order to...

Powered by WHMCompleteSolution