January 2018
Intermediate to advanced
376 pages
8h 45m
English
For Ubuntu, Rootkit Hunter is in the normal repository. For CentOS, you'll need to install the EPEL repository, as I showed you how to do in Chapter 1, Running Linux in a Virtual Environment. For both Linux distros, the package name is rkhunter.
For Ubuntu:
sudo apt install rkhunter
For CentOS:
sudo yum install rkhunter
After it's installed, you can look at its options with:
man rkhunter
Easy, right?
The next thing you'll need to do is to update the rootkit signatures, using the --update option:
[donnie@localhost ~]$ sudo rkhunter --update
[ Rootkit Hunter version 1.4.4 ]
Checking rkhunter data files...
  Checking file mirrors.dat                                  [ Updated ]
  Checking file programs_bad.dat                             [ Updated ]
  Checking file backdoorports.dat ...
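If the update runs unattended (from cron, for example), a script can check the per-file status lines shown above instead of a person reading them. This is an added example, not code from the book or from the Rootkit Hunter project; the function name, the constructed sample, and the `No update` and `Update failed` status strings are assumptions, since the page only shows `Updated`.

```shell
#!/bin/sh
# Added example: summarize captured `rkhunter --update` output.
# Only the "Updated" status appears on this page; "No update" and
# "Update failed" are assumed status strings used for illustration.

# Constructed sample in the layout shown above (the failure line is made up).
SAMPLE_OUTPUT='[ Rootkit Hunter version 1.4.4 ]
Checking rkhunter data files...
  Checking file mirrors.dat                                  [ Updated ]
  Checking file programs_bad.dat                             [ No update ]
  Checking file backdoorports.dat                            [ Update failed ]'

# Reads update output on stdin and prints "updated=N unchanged=N failed=N".
# Returns 0 only if at least one data file was checked and none failed.
summarize_rkhunter_update() {
    awk '
        /Checking file / {
            status = $0
            # A line with no closing bracket was cut off or aborted: count it as failed.
            if (status !~ /\] *$/) { failed++; next }
            # Keep only the text between the last "[ " and the closing " ]".
            sub(/^.*\[ /, "", status)
            sub(/ \] *$/, "", status)
            if (status == "Updated")        updated++
            else if (status == "No update") unchanged++
            else                            failed++   # any other status needs a look
        }
        END {
            printf "updated=%d unchanged=%d failed=%d\n", updated, unchanged, failed
            exit ((failed > 0 || updated + unchanged == 0) ? 1 : 0)
        }'
}

# Demonstration on the constructed sample; on a real host, pipe in
# the output of: sudo rkhunter --update
printf '%s\n' "$SAMPLE_OUTPUT" | summarize_rkhunter_update \
    || echo "rkhunter data files need attention"
```

A non-zero return is the signal to alert on: signatures that silently stop updating leave later scans running against stale data.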