SystemMen - Rootkit Hunter (rkhunter) is a small Linux tool that scans for rootkits, backdoors and local exploits. As the name implies, you can use it to scan your system for rootkits automatically. This article shows how to install rkhunter on CentOS 6.
Install rkhunter on CentOS 6
First, you need to install the EPEL repository. Type the command below:
yum install epel-release -y
Next, type the following command to install rkhunter:
yum install rkhunter -y
After the installation, update the rkhunter database:
rkhunter --update
Next, update the file properties database. This step is necessary on a first install: when you run the propupd command, rkhunter creates a database file. In subsequent scans, rkhunter compares the current files on the system against this database file to detect changes.
rkhunter --propupd
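The baseline-and-compare idea behind the propupd step, as an added example that is not part of the original article and is not rkhunter's own code or database format. The function names and the record layout are made up for illustration, and GNU coreutils (sha256sum, stat -c) are assumed, as on CentOS.

```bash
#!/bin/bash
# Illustration of a file-property baseline, the idea behind `rkhunter --propupd`.
# NOT rkhunter's code or database format; names and record layout are hypothetical.
# Assumes GNU coreutils (sha256sum, stat -c). Paths containing '|' are unsupported.

# Print one record for a file: path|sha256|mode|uid|gid
file_record() {
    local f=$1 sum
    sum=$(sha256sum -- "$f" | cut -d' ' -f1)
    printf '%s|%s|%s\n' "$f" "$sum" "$(stat -c '%a|%u|%g' -- "$f")"
}

# baseline_create DBFILE FILE... : record the current state as trusted
baseline_create() {
    local db=$1 f
    shift
    : > "$db"
    chmod 600 "$db"
    for f in "$@"; do file_record "$f" >> "$db"; done
}

# baseline_check DBFILE : print "CHANGED path" or "MISSING path" for every
# difference from the baseline; returns 1 if anything differs, else 0.
baseline_check() {
    local db=$1 rc=0 path rest
    while IFS='|' read -r path rest; do
        if [ ! -e "$path" ]; then
            echo "MISSING $path"; rc=1
        elif [ "$(file_record "$path")" != "$path|$rest" ]; then
            echo "CHANGED $path"; rc=1
        fi
    done < "$db"
    return "$rc"
}

# Demo on a constructed file in a temp directory (not a real system binary).
demo() {
    local d
    d=$(mktemp -d)
    printf 'original\n' > "$d/tool"
    baseline_create "$d/db" "$d/tool"
    baseline_check "$d/db" && echo "clean: matches baseline"
    printf 'tampered\n' > "$d/tool"          # content change alters the hash
    baseline_check "$d/db" || echo "alert: differs from baseline"
    rm -rf "$d"
}
demo
```

Refreshing a baseline records whatever is on disk at that moment as trusted, so do it only while the system is in a known-good state, and again after legitimate package updates.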
Use rkhunter manually
To run a manual scan with rkhunter, type the command below. With this command, whenever rkhunter finishes a part of the scan, you need to press “Enter” to continue.
rkhunter -c
To automatically skip the “Enter” prompt between scan sections, you can use -sk as in the command below.
rkhunter -c -sk
Use rkhunter automatically
At the time I wrote this article, I was using rkhunter version 1.4.6, and this version automatically adds scripts that run a daily scan for you.
The only thing you need to set up is to open the /etc/sysconfig/rkhunter file and put your email address on the MAILTO line.
Conclusion
With this article, hopefully you can successfully install rkhunter on your system. Using rkhunter can make your system more secure and give you some peace of mind.