In this tutorial, we will show you how to install Rootkit Hunter on CentOS 6. For those of you who didn’t know, Rootkit Hunter (rkhunter) is a Unix-based tool that scans for rootkits, backdoors, and possible local exploits. Rkhunter checks to see whether the binary files or system startup files have been modified, and performs various checks on the network interfaces, including checks for listening services and applications. Rkhunter runs on most Linux and UNIX systems. It can be run from the command line, but it can also be scheduled to execute on a daily basis as a cron job.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple. I will show you through the step-by-step installation rkhunter (rootkit hunter) on CentOS 6.
- A server running one of the following operating systems: CentOS 6.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
non-root sudo useror access to the
root user. We recommend acting as a
non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Rootkit Hunter on CentOS 6
Step 1. First, let’s start by ensuring your system is up-to-date.
sudo yum update
Step 2. Installing Rootkit Hunter on CentOS 6.
Now we download rkhunter using the following command.
wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz tar xzfv rkhunter-1.4.2.tar.gz cd rkhunter-1.4.2 ./installer.sh --install --layout default
rkhunter --update rkhunter --propupd
Step 3. Rootkit Hunter manual scan.
Use the following command to perform a test scan on the local system:
Step 4. Adding a daily cron job
Set up a daily cron job on your Linux VPS:
#!/bin/sh ( rkhunter --versioncheck rkhunter --update rkhunter -c --cronjob ) | mail -s 'rkhunter Daily Check' firstname.lastname@example.org
Important: Do not forget to replace ‘email@example.com’ with your email address.
Execute the following command to make the script executable:
chmod +x /etc/cron.daily/rkhunter-cron.sh
For more information and options run the following command.
Congratulations! You have successfully installed rootkit hunter. Thanks for using this tutorial for installing rkhunter on centos 6 systems. For additional help or useful information, we recommend you to check the official rkhunter website.