| Posted by mixmox, 06-16-2010, 01:28 PM | | Hi,
how can i install RKHunter and CHKROOTKIT
then how can i run config and see log file,
TNX
|
| Posted by hostechsupport, 06-16-2010, 02:03 PM | | To install Rkhunter
1. Login to your server via SSH as root.
2. Download RKHunter Version 1.1.4
3. Extract files
4. Type: 5. 6. Lets setup RKHunter to e-mail you you daily scan reports.
Add The Following:
To run rkhunter
rkhunter -c
To install chkrootkit
1. Login to your server as root. (SSH)
2. Down load the chkrootkit.
3. Unpack the chkrootkit you just downloaded.
4. Change to new directory
5. Compile chkrootkit
6. Run chkrootkit
You are almost done..
|
| Posted by mixmox, 06-17-2010, 04:46 AM | | How can i check chkrootkit log file after scan ?
|
| Posted by LeaTrueman, 06-17-2010, 05:15 AM | | set a cron like this and you will get get the chkrootkit result to your email,
#!/bin/bash
cd /yourinstallpath/chkrootkit-0.42b/
./chkrootkit | mail -s “Daily chkrootkit from Servername” admin@youremail.com
|
| Posted by inspiron, 06-19-2010, 10:57 AM | | Yes, in SSH you can run the following:
pico /etc/cron.daily/chkrootkit.sh
Insert the following to the new file:
#!/bin/bash
cd /yourinstallpath/chkrootkit-0.42b/
./chkrootkit | mail -s "Daily chkrootkit from Servername"
admin@youremail.com
Note :In this you need to replace the 'yourinstallpath' with the actual path.
Change the 'Servername' to the server you are running.
Change the 'admin@youremail.com' to your actual email address where you can received the mail from the scripts you are running
And save the file in SSH.
|
| Posted by mixmox, 07-29-2010, 11:58 PM | | tnx. i have edit /etc/cron.daily/chkrootkit.sh.
and is it run every day or i must run it manually?
|
| Posted by Richard-BCS, 07-30-2010, 07:02 AM | | Take a look at the tutorials over at securecentos.com . They have detailed tutorials on how to install RKHunter and Chrootkit
If you followed the instructions on the last post before yours it should run automatically.
|
| Posted by mixmox, 09-03-2010, 05:21 AM | | on chrotkit:
cd /usr/local/src/
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar xvzf chkrootkit.tar.gz
cd chkrootkit-0.49
make sense
./chkrootkit
then:
vi /etc/cron.daily/chkrootkit.sh
and add these lines:
#!/bin/bash
cd /usr/local/src/chkrootkit-0.49/
./chkrootkit 2>&1 | mail -s "chkrootkit Scan” username@yourdomain.com
and try:
chmod a+x /etc/cron.daily/chkrootkit.sh
but please check this error:
root@box [/usr/local/src/chkrootkit-0.49]# cd /etc/cron.daily/
root@box [/etc/cron.daily]# ./chkrootkit.sh
You must specify direct recipients with -s, -c, or -b.
You must specify direct recipients with -s, -c, or -b.
|
| Posted by david510, 09-04-2010, 08:40 AM | | Check your syntax of mail command. There may be breaks.
|
| Posted by mixmox, 09-04-2010, 09:07 AM | | its as same as:
#!/bin/bash
cd /usr/local/src/chkrootkit-0.49/
./chkrootkit 2>&1 | mail -s "chkrootkit Scan” username@yourdomain.com
|
| Posted by billyw, 09-07-2010, 12:25 AM | | Can the cron email address be on the server? I have not gotten email from rkhunter, or chkrootkit. Here is what I used for the crons...
rkhunter
Here is what I put for chkrootkit
This is a VPS but I guess it is still the same, as far as security.
Thnx
Billy
|
| Posted by billyw, 09-07-2010, 10:36 PM | | I just got this from the server in my email..
Any ideas on how to correct this problem?
Thnx
Billy
|
| Posted by billyw, 09-10-2010, 08:13 AM | | I have fixed them! I had to just chmod them to 755.
It is the simple little things that I always overlook.
|
| Posted by spinooo, 09-10-2010, 10:25 AM | | i got an error in this part it says
Connecting to downloads.rootkit.nl|212.178.92.6|:80..
and then
says that :
Connecting to downloads.rootkit.nl|212.178.92.6|:80... failed: Connection timed out.
Retrying.
so, Help me please
|
| Posted by InoxHost, 09-10-2010, 12:38 PM | | Hello,
Run this command in your server and paste here output.
|
| Posted by spinooo, 09-10-2010, 01:14 PM | | Hello,
here you are
17 packets transmitted, 17 received, 0% packet loss, time 16014ms
|
| Posted by billyw, 09-10-2010, 01:52 PM | | You have to download rkhunter here:
wget http://sourceforge.net/projects/rkhu...ar.gz/download
|
|
 Add to Favourites
 Print this Article
|
