«
»

How-To-Install-CHKROOTKIT


Chkrootkit :
chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification.

Installation:
– Login to your server as root. (SSH)

– Down load the chkrootkit.
# wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

– Unpack the chkrootkit you just downloaded.
# tar xvzf chkrootkit.tar.gz

– Change to new directory
# cd chkrootkit*

– Compile chkrootkit
# make sense

– Run chkrootkit
# ./chkrootkit

How to setup a daily scan report?

– Load crontab
# crontab -e

– Add this line to the top:
==========================================================================
0 1 * * * (cd /path/to/chkrootkit; ./chkrootkit 2>&1 | mail -s “chkrootkit output” email@domain.com)
==========================================================================

This will run CHKROOTKIT at 1am every day, and e-mail the output to root. (you need change the time whenever you want it to run and the email id according to your needs.)

Save and exit.

Done!!!! 🙂

This entry was posted on October 7, 2009 at 8:16 am and is filed under Others. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: