How-To-Install-CHKROOTKIT


Chkrootkit :
chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification.

Installation:
– Login to your server as root. (SSH)

– Down load the chkrootkit.
# wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

– Unpack the chkrootkit you just downloaded.
# tar xvzf chkrootkit.tar.gz

– Change to new directory
# cd chkrootkit*

– Compile chkrootkit
# make sense

– Run chkrootkit
# ./chkrootkit

How to setup a daily scan report?

– Load crontab
# crontab -e

– Add this line to the top:
==========================================================================
0 1 * * * (cd /path/to/chkrootkit; ./chkrootkit 2>&1 | mail -s “chkrootkit output” email@domain.com)
==========================================================================

This will run CHKROOTKIT at 1am every day, and e-mail the output to root. (you need change the time whenever you want it to run and the email id according to your needs.)

Save and exit.

Done!!!!🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: