February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Scanning for rootkits
To run your scan, use the -c option. (That's -c for check.) Be patient, because it will take a while:
sudo rkhunter -c
When you run the scan in this manner, Rootkit Hunter will periodically stop and ask you to hit the Enter key to continue. When the scan completes, you'll find a rkhunter.log file in the /var/log directory.
To have Rootkit Hunter automatically run as a cron job, you'll want to use the --cronjob option, which will cause the program to run all the way through without prompting you to keep hitting the Enter key. You might also want to use the --rwo option, which will cause the program to only report warnings, instead of also reporting on everything that's good. From the command line, the command would look ...