UbuntuUbuntu Based

How To Install Chkrootkit on Ubuntu 24.04 LTS

r00t

Install Chkrootkit on Ubuntu 24.04

In this tutorial, we will show you how to install Chkrootkit on Ubuntu 24.04 LTS. Chkrootkit is a widely used security tool that scans for rootkits, worms, and other malicious software on Unix-like systems. Developed by Pangeia Informatica, it consists of a shell script that checks various system binaries and security issues for signs of rootkit modifications. Chkrootkit can detect over 70 different rootkits, making it an essential tool for system administrators and security-conscious users. Its compatibility with various Unix-like systems, including Linux, FreeBSD, and Solaris, further enhances its utility.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Chkrootkit on Ubuntu 24.04 (Noble Numbat). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

Prerequisites

  • A server running one of the following operating systems: Ubuntu and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies.
  • An Ubuntu 24.04 system with root access or a user with sudo privileges.

Install Chkrootkit on Ubuntu 24.04 LTS Noble Numbat

Step 1. Updating the Package Repository.

Keeping your system up-to-date is crucial for security and stability. Before installing Chkrootkit, update your package lists and upgrade any outdated packages. Open a terminal and run the following commands:

sudo apt update

This command will fetch the latest package information from the Ubuntu repositories, allowing you to install the most recent version of chkrootkit and its dependencies. Updating the package repository is crucial to maintaining the security and stability of your system.

Step 2. Installing Chkrootkit Ubuntu 22.04.

  • Installing Chkrootkit via APT

The APT package manager provides a convenient way to install Chkrootkit. Follow these steps:

sudo apt install chkrootkit

Verify the Installation:

chkrootkit -V

This command should display the version of Chkrootkit installed, confirming a successful installation.

  • Installing Chkrootkit from Source

For users who prefer the latest version or need custom configurations, installing Chkrootkit from the source is an option. Follow these steps:

wget ftp://chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz

Extract the Source Archive:

tar -xvzf chkrootkit.tar.gz

Ensure you have the GNU Compiler Collection (GCC) and the make utility installed:

sudo apt install gcc make build-essential

Navigate to the extracted source code directory and compile the code:

cd chkrootkit-0.58b
sudo make sense

Verify the Installation:

./chkrootkit -V

Step 3. Configuring Chkrootkit.

  • Basic Configuration

After installation, you can configure Chkrootkit to run daily scans and customize its behavior. Edit the configuration file:

sudo nano /etc/chkrootkit.conf

Enable daily scans by changing the RUN_DAILY option to true:

RUN_DAILY="true"
  • Advanced Configuration

For more advanced configurations, you can set additional options in the configuration file:

Quiet Mode: Suppresses output of tests that find nothing suspicious.

RUN_DAILY_OPTS="-q"

Difference Mode: Compares current scan results with previous results to detect changes.

DIFF_MODE="true"

Step 4. Running Chkrootkit on Ubuntu 24.04.

  • Manual Scans

You can run Chkrootkit manually to check your system for rootkits. Open a terminal and execute the following command:

sudo chkrootkit

Interpreting the results is crucial. Chkrootkit will display a list of checks and their status. If any checks show as “INFECTED,” further investigation is required.

  • Automated Scans

To automate daily scans, set up a cron job. Open the crontab editor:

sudo crontab -e

Add the following entry to schedule a daily scan at 3 AM and email the results:

0 3 * * * /usr/sbin/chkrootkit 2>&1 | mail -s "Chkrootkit Report" [email protected]
  • Checking Logs

Chkrootkit logs its findings, which can be useful for troubleshooting. Check the logs for detailed information:

less /var/log/chkrootkit/chkrootkit.log

Congratulations! You have successfully installed Chkrootkit. Thanks for using this tutorial for installing the Chkrootkit on the Ubuntu 24.04 LTS system. For additional help or useful information, we recommend you check the Chkrootkit website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2024 idroot.us | All Rights Reserved.
Back to top button