UbuntuUbuntu Based

How To Install Chkrootkit on Ubuntu 24.04 LTS

r00t

Install Chkrootkit on Ubuntu 24.04

In this tutorial, we will show you how to install Chkrootkit on Ubuntu 24.04 LTS. Chkrootkit is a widely used security tool that scans for rootkits, worms, and other malicious software on Unix-like systems. Developed by Pangeia Informatica, it consists of a shell script that checks various system binaries and security issues for signs of rootkit modifications. Chkrootkit can detect over 70 different rootkits, making it an essential tool for system administrators and security-conscious users. Its compatibility with various Unix-like systems, including Linux, FreeBSD, and Solaris, further enhances its utility.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Chkrootkit on Ubuntu 24.04 (Noble Numbat). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

Prerequisites

  • A server running one of the following operating systems: Ubuntu and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies.
  • An Ubuntu 24.04 system with root access or a user with sudo privileges.

Install Chkrootkit on Ubuntu 24.04 LTS Noble Numbat

Step 1. Updating the Package Repository.

Keeping your system up-to-date is crucial for security and stability. Before installing Chkrootkit, update your package lists and upgrade any outdated packages. Open a terminal and run the following commands:

sudo apt update

This command will fetch the latest package information from the Ubuntu repositories, allowing you to install the most recent version of chkrootkit and its dependencies. Updating the package repository is crucial to maintaining the security and stability of your system.

Step 2. Installing Chkrootkit Ubuntu 22.04.

  • Installing Chkrootkit via APT

The APT package manager provides a convenient way to install Chkrootkit. Follow these steps:

sudo apt install chkrootkit

Verify the Installation:

chkrootkit -V

This command should display the version of Chkrootkit installed, confirming a successful installation.

  • Installing Chkrootkit from Source

For users who prefer the latest version or need custom configurations, installing Chkrootkit from the source is an option. Follow these steps:

wget ftp://chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz

Extract the Source Archive:

tar -xvzf chkrootkit.tar.gz

Ensure you have the GNU Compiler Collection (GCC) and the make utility installed:

sudo apt install gcc make build-essential

Navigate to the extracted source code directory and compile the code:

cd chkrootkit-0.58b
sudo make sense

Verify the Installation:

./chkrootkit -V

Step 3. Configuring Chkrootkit.

  • Basic Configuration

After installation, you can configure Chkrootkit to run daily scans and customize its behavior. Edit the configuration file:

sudo nano /etc/chkrootkit.conf

Enable daily scans by changing the RUN_DAILY option to true:

RUN_DAILY="true"
  • Advanced Configuration

For more advanced configurations, you can set additional options in the configuration file:

Quiet Mode: Suppresses output of tests that find nothing suspicious.

RUN_DAILY_OPTS="-q"

Difference Mode: Compares current scan results with previous results to detect changes.

DIFF_MODE="true"

Step 4. Running Chkrootkit on Ubuntu 24.04.

  • Manual Scans

You can run Chkrootkit manually to check your system for rootkits. Open a terminal and execute the following command:

sudo chkrootkit

Interpreting the results is crucial. Chkrootkit will display a list of checks and their status. If any checks show as “INFECTED,” further investigation is required.

  • Automated Scans

To automate daily scans, set up a cron job. Open the crontab editor:

sudo crontab -e

Add the following entry to schedule a daily scan at 3 AM and email the results:

0 3 * * * /usr/sbin/chkrootkit 2>&1 | mail -s "Chkrootkit Report" [email protected]
  • Checking Logs

Chkrootkit logs its findings, which can be useful for troubleshooting. Check the logs for detailed information:

less /var/log/chkrootkit/chkrootkit.log

Congratulations! You have successfully installed Chkrootkit. Thanks for using this tutorial for installing the Chkrootkit on the Ubuntu 24.04 LTS system. For additional help or useful information, we recommend you check the Chkrootkit website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Copyright © 2024 idroot.us | All Rights Reserved.
Back to top button