In this tutorial, we will show you how to install Chkrootkit on Ubuntu 22.04 LTS. For those of you who didn’t know, The Chkrootkit security scanner is a popular security tool that allows administrators to check the local system for evidence of a rootkit infection. It consists of a shell script that checks various security issues and system binaries for rootkit modification. You can use Chkrootkit in the command line or GUI. It is similar to rkhunter which is another rootkit detection and removal tool.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘
sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Chkrootkit security scanner on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
- A server running one of the following operating systems: Ubuntu 22.04, 20.04, and any other Debian-based distribution like Linux Mint.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for Chkrootkit.
non-root sudo useror access to the
root user. We recommend acting as a
non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Chkrootkit on Ubuntu 22.04 LTS Jammy Jellyfish
Step 1. First, make sure that all your system packages are up-to-date by running the following
apt commands in the terminal.
sudo apt update sudo apt upgrade sudo apt install wget apt-transport-https gnupg2 software-properties-common
Step 2. Installing Chkrootkit on Ubuntu 22.04.
By default, the Chkrootkit is available on Ubuntu 22.04 base repository. Now run the following command below to install the latest version of Chkrootkit to your Ubuntu system:
sudo apt install chkrootkit
Verify your Chkrootkit installation by checking its version:
Step 3. Using Chkrootkit on Ubuntu.
You can now run the test with the following command:
If any of the output shown below shows as infected, then you need to check:
Checking `sshd'... not infected Checking `syslogd'... not tested Checking `tar'... not infected Checking `tcpd'... INFECTED Checking `tcpdump'... not infected Checking `top'... not infected Checking `telnetd'... not found
Also, you can use the
chkrootkit command with the -q option to scan your server in quiet mode:
To enable an automatic daily scan of your system first use:
sudo nano /etc/chkrootkit.conf
And change the line below as shown:
Save and close the file, then exit the editor.
You can list out the options available with Chkrootkit with the following command:
Congratulations! You have successfully installed Chkrootkit. Thanks for using this tutorial for installing the Chkrootkit security scanner on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official Chkrootkit website.