Howto install RootKit Hunter.
Author : Muzo
Contributer : mbachmann
Sources : 
RootKitHunter FAQ
Tested on SME Version 5.6 GPL
Updated : 9 Apr 2004
License : GPL
You wan't to be sure that you don't have any rootkit on you're SME box?
Install RootKitHunter
1) Download RootKitHunter
- Download latest version of RootKitHunter from RootKit project page
RootKit project page
Wedon't need (i think) "3rd party rpm's"
2) Install
- Put your root kit hunter in an iBay or in /tmp dir ( It doesn't matter where you save the tarball).
- Unpack it :
tar zxvf rkhunter-X.X.X.tar.gz
- A new dir is created rkhunter, go into it:
cd rkhunter
- Launch install script :
./installer.sh
- Now you have a new command :
rkhunter
3) First launch
Now we'll see if your SME Box is "rootkited" :
rkhunter -c
All test must be OK
4) Cron
RootKitHunter can run as cronjob.
TODO : I'm not a cron guru, so if some one know how to do this, please finished this HowTo. Thanx Muzo
rkhunter --cronjob
To run it daily - manual way: cd to /etc/cron.daily, put a new file with the following content in there and give it a nice name like runrootkit:
#!/bin/bash # Run rkhunter daily /path/where/rkhunter/is/installed/rkunter &
The "&" makes it run as a background process.
Execute "chmod 0755" (without quotes) on runrootkit in the cron.daily directory and rkhunter in the rkhunter dir to make them executeable.
They may be easier ways to achieve it, please ad them if you know.
To Do: Get the results emailed from cron
For more informations read rootkit articles
Back Howto
Feedback
HowToInstallRootKitHunter Feedback Add your comments to this page.
Wiki Links List
 Page Name |
Hits |
|---|---|
| HowToInstallRootKitHunter Feedback | 449 |
| HowtoEN | 12231 |
| Intrusion Detection | 4307 |