Main Menu

Recommended sites

RKHunter - RootKit Hunter Print E-mail
User Rating: / 1
PoorBest 
Friday, 20 July 2007 00:57
Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
  • MD5 hash compare
  • Look for default files used by rootkits
  • Wrong file permissions for binaries
  • Look for suspected strings in LKM and KLD modules
  • Look for hidden files
  • Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for everyone to use. # wget http://downloads.rootkit.nl/rkhunter-1.1.4.tar.gz
# tar -xzvf rkhunter-1.1.4.tar.gz
# cd rkhunter
# ./installer.sh

Receive e-mail everyday with the result Rootkit Hunter
For Root user
# crontab -e
For any user
# crontab -e -u username

and add
•0 3 * * * (./usr/local/bin/rkhunter –checkall 2>&1 | mail -s "chkrootkit output" -c  This e-mail address is being protected from spambots. You need JavaScript enabled to view it , This e-mail address is being protected from spambots. You need JavaScript enabled to view it This e-mail address is being protected from spambots. You need JavaScript enabled to view it )

* the correct path can be found with which rkhunter  
This will run Rootkit Hunter at 3:00 am every day, and e-mail the output to  This e-mail address is being protected from spambots. You need JavaScript enabled to view it and copies to This e-mail address is being protected from spambots. You need JavaScript enabled to view it and This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Nota
If you ever get a positive alarm, you can try to remove the rootkit, but all professionals would advice you to reinstall the server from scratch, and restore a previous backup (that mean saving nothing from server as soon as the rootkit is revealed....)

Links
http://www.rootkit.nl/projects/rootkit_hunter.html

Tags See All Tags Add New Tag...

Please Enter New Tags Separated By Comma's
  Or Close

crontab  linux  rootkit  security  server 
Powered By Joomla Tags

Comments
Add New Search RSS
Write comment
Name:
Email:
 
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
:):grin;)8):p:roll:eek:upset:zzz:sigh:?:cry
:(:x
Please input the anti-spam code that you can read in the image.

3.20 Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."

< Prev   Next >
 

Another articles:

Powered By relatedArticle

Content View Hits : 3452531

Enter Amount: