How To Install Chkrootkit on Ubuntu 22.04 LTS

Install Chkrootkit on Ubuntu 22.04

In this tutorial, we will show you how to install Chkrootkit on Ubuntu 22.04 LTS. For those of you who didn’t know, The Chkrootkit security scanner is a popular security tool that allows administrators to check the local system for evidence of a rootkit infection. It consists of a shell script that checks various security issues and system binaries for rootkit modification. You can use Chkrootkit in the command line or GUI. It is similar to rkhunter which is another rootkit detection and removal tool.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Chkrootkit security scanner on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

Prerequisites

  • A server running one of the following operating systems: Ubuntu 22.04, 20.04, and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo useror access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install Chkrootkit on Ubuntu 22.04 LTS Jammy Jellyfish

Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.

sudo apt update
sudo apt upgrade
sudo apt install wget apt-transport-https gnupg2 software-properties-common

Step 2. Installing Chkrootkit on Ubuntu 22.04.

By default, the Chkrootkit is available on Ubuntu 22.04 base repository. Now run the following command below to install the latest version of Chkrootkit to your Ubuntu system:

sudo apt install chkrootkit

Verify your Chkrootkit installation by checking its version:

chkrootkit -V

Step 3. Using Chkrootkit on Ubuntu.

You can now run the test with the following command:

chkrootkit

If any of the output shown below shows as infected, then you need to check:

Checking `sshd'...                                          not infected
Checking `syslogd'...                                       not tested
Checking `tar'...                                           not infected
Checking `tcpd'...                                          INFECTED
Checking `tcpdump'...                                       not infected
Checking `top'...                                           not infected
Checking `telnetd'...                                       not found

Also, you can use the chkrootkit command with the -q option to scan your server in quiet mode:

chkrootkit -q

To enable an automatic daily scan of your system first use:

sudo nano /etc/chkrootkit.conf

And change the line below as shown:

RUN_DAILY="true"

Save and close the file, then exit the editor.

You can list out the options available with Chkrootkit with the following command:

chkrootkit -h

Congratulations! You have successfully installed Chkrootkit. Thanks for using this tutorial for installing the Chkrootkit security scanner on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official Chkrootkit website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!