Silent Bob
11-10-2005, 08:03 PM
How To Install and configure Chkrootkit
chkrootkit is a tool to locally check for signs of a rootkit.
For more information regarding this tool, visit http://www.chkrootkit.org/
Installation:
1. SSH to your server as the root superuser.
2. Next, we will download the chkrootkit program to /usr/src, and then untar it.
In shell, type in the following commands:
cd /usr/src
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit-0.46.tar.gz
tar zxvf chkrootkit-0.46.tar.gz
cd chkrootkit-0.46
make sense
That’s it! To run the chkrootkit, in shell type: ./chkrootkit
Running chkrootkit Daily:
If you wish to run chkrootkit on a daily basis, and allow it to send out a report via email, follow these steps:
cd /etc/cron.daily
touch chkrootkit.cron
Next, use your favorite text editor, and add the following text to the chkrootkit.cron file.
#!/bin/bash
cd /usr/src/chkrootkit-0.43/
./chkrootkit 2>&1 | mail –s “chkrootkit daily report” username@yourdomain.com
Note: Replace username@yourdomain.com with your email.
Reply With Quote
chkrootkit is a tool to locally check for signs of a rootkit.
For more information regarding this tool, visit http://www.chkrootkit.org/
Installation:
1. SSH to your server as the root superuser.
2. Next, we will download the chkrootkit program to /usr/src, and then untar it.
In shell, type in the following commands:
cd /usr/src
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit-0.46.tar.gz
tar zxvf chkrootkit-0.46.tar.gz
cd chkrootkit-0.46
make sense
That’s it! To run the chkrootkit, in shell type: ./chkrootkit
Running chkrootkit Daily:
If you wish to run chkrootkit on a daily basis, and allow it to send out a report via email, follow these steps:
cd /etc/cron.daily
touch chkrootkit.cron
Next, use your favorite text editor, and add the following text to the chkrootkit.cron file.
#!/bin/bash
cd /usr/src/chkrootkit-0.43/
./chkrootkit 2>&1 | mail –s “chkrootkit daily report” username@yourdomain.com
Note: Replace username@yourdomain.com with your email.
Reply With Quote