Install rkhunter (Rootkit Hunter) in Linux

Rootkit Hunter

Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

– MD5 hash compare
– Look for default files used by rootkits
– Wrong file permissions for binaries
– Look for suspected strings in LKM and KLD modules
– Look for hidden files
– Optional scan within plaintext and binary files


yum install rkhunter


cd /usr/local/src
tar -xzf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./ --install

Update rkhunter after installation.

rkhunter --update


You can run a scan using the following command

rkhunter -c

You can view all the available options with rkhunter using the following command

rkhunter --help

If you want to skip the interactive prompts, add the -sk option at the end:

rkhunter -c -sk

Setup Daily Scan Report:

You can setup a daily scan report by using a cron as like follows.

nano /etc/cron.weekly/

( /usr/bin/rkhunter --versioncheck
/usr/bin/rkhunter --update
/usr/bin/rkhunter --cronjob --summary
) | /bin/mail -s "rkhunter (Corp)" [email protected]

chmod 750 /etc/cron.weekly/

You may need to change scripts path in /etc/rkhunter.conf


Author: Christopher Smith

I managed websites.

Leave a Reply

Your email address will not be published. Required fields are marked *