FedoraRHEL Based

How To Install Chkrootkit on Fedora 40

Install Chkrootkit on Fedora 40

In this tutorial, we will show you how to install Chkrootkit on Fedora 40. Chkrootkit is a free, open-source rootkit detection tool designed specifically for Unix-like operating systems, including Linux distributions such as Fedora 40. Developed by Nelson Murilo and Klaus Steding-Jessen, Chkrootkit is a shell script that performs a thorough scan of your system, searching for signs of rootkit infection. It accomplishes this by checking system binaries, libraries, and configuration files for known rootkit signatures and anomalies.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Chkrootkit on Fedora 40.

Prerequisites

Before we dive into the installation process, ensure that you have the following prerequisites in place:

  • A server running one of the following operating systems: Fedora 40.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • You will need access to the terminal to execute commands. Fedora provides the Terminal application for this purpose. It can be found in your Applications menu.
  • A stable internet connection to download the necessary packages.
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install Chkrootkit on Fedora 40

Step 1. Update the System.

Before installing any new software, it is crucial to ensure that your Fedora 40 system is up-to-date with the latest security patches and software updates. Open a terminal and run the following command:

sudo dnf clean all
sudo dnf update

The package manager will retrieve the latest package information and prompt you to confirm the update. Press “y” and hit Enter to proceed with the update process. Depending on the number of updates available, this step may take a few minutes to complete.

Step 2. Installing Required Dependencies.

Chkrootkit relies on certain dependencies to function properly. Install the required packages by running the following command:

sudo dnf install wget gcc-c++ glibc-static

Step 3. Installing Chkrootkit on Fedora 40.

To keep your system organized, create a directory where you will download and compile Chkrootkit. For example:

mkdir ~/chkrootkit
cd ~/chkrootkit

Navigate to the directory you created for Chkrootkit:

cd ~/chkrootkit

Download the latest version of Chkrootkit using wget:

wget ftp://ftp.chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz

Extract the downloaded tarball using the following command:

tar xvfz chkrootkit.tar.gz

Change to the extracted directory:

cd chkrootkit-*

Run the make command to compile Chkrootkit:

sudo make sense

Wait for the compilation process to complete. If there are no errors, proceed to the next step.

Move the compiled Chkrootkit files to a suitable directory, such as /usr/local/bin/:

sudo mv chkrootkit /usr/local/bin/

Verify the installation by running Chkrootkit with the version option:

chkrootkit -V

If the installation was successful, you should see the version information displayed.

Step 4. Running Chkrootkit on Fedora 40.

With Chkrootkit installed on your Fedora 40 system, you are now ready to run scans and check for potential rootkit infections. This section will guide you through the basic usage of Chkrootkit and help you understand its output.

To run a simple Chkrootkit scan, open a terminal and execute the following command:

sudo chkrootkit

Chkrootkit will now perform a series of tests, scanning your system for known rootkit signatures and anomalies. The scan may take a few minutes to complete, depending on your system’s size and performance.

Once the scan is complete, Chkrootkit will display the results in the terminal. Each line represents a specific test performed by Chkrootkit, followed by the test’s status. Here are some common status messages you may encounter:

  • “not infected”: This indicates that no signs of rootkit infection were found for the specific test.
  • “not found”: The file or directory being tested was not found on your system.
  • “not tested”: The test was skipped, usually because the necessary files or directories were not present.
  • “INFECTED”: Chkrootkit has detected signs of a potential rootkit infection. This requires further investigation.

If Chkrootkit reports any “INFECTED” items, it is crucial to investigate the issue further. Take note of the specific test that triggered the warning and consult the Chkrootkit documentation or seek assistance from security experts to determine the appropriate course of action.

Congratulations! You have successfully installed Chkrootkit. Thanks for using this tutorial for installing the Chkrootkit on Fedora 40. system. For additional help or useful information, we recommend you check the Chkrootkit website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button