Install rkhunter On Ubuntu

Install rkhunter On Ubuntu

December 1, 2020 / Eternal Team

Rkhunter is a common tool for scanning your system for finding general vulnerabilities.

Step 1: Installing dependencies

$apt-get install binutils libreadline5 libruby ruby ruby ssl-cert unhide.rb mailutils

Step 2: Installing rkhunter

$wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz

Untar the download

$tar xzvf rkhunter*

Go to the rkhunter directory

$cd rkhunter*

Install rkhunter:
./installer.sh --layout /usr --install

If the proper installation is done, you will get output like this

Checking system for:
 Rootkit Hunter installer files: found
 A web file download command: wget found
Starting installation:
 Checking installation directory "/usr": it exists and is writable.
 Checking installation directories:
  Directory /usr/share/doc/rkhunter-1.4.2: creating: OK
  Directory /usr/share/man/man8: exists and is writable.
  Directory /etc: exists and is writable.
  Directory /usr/bin: exists and is writable.
  Directory /usr/lib: exists and is writable.
  Directory /var/lib: exists and is writable.
  Directory /usr/lib/rkhunter/scripts: creating: OK
  Directory /var/lib/rkhunter/db: creating: OK
  Directory /var/lib/rkhunter/tmp: creating: OK
  Directory /var/lib/rkhunter/db/i18n: creating: OK
  Directory /var/lib/rkhunter/db/signatures: creating: OK
 Installing check_modules.pl: OK
 Installing filehashsha.pl: OK
 Installing stat.pl: OK
 Installing readlink.sh: OK
 Installing backdoorports.dat: OK
 Installing mirrors.dat: OK
 Installing programs_bad.dat: OK
 Installing suspscan.dat: OK
 Installing rkhunter.8: OK
 Installing ACKNOWLEDGMENTS: OK
 Installing CHANGELOG: OK
 Installing FAQ: OK
 Installing LICENSE: OK
 Installing README: OK
 Installing language support files: OK
 Installing ClamAV signatures: OK
 Installing rkhunter: OK
 Installing rkhunter.conf: OK
Installation complete

Step 3: Check the rkhunter version

$rkhunter --update

[ Rootkit Hunter version 1.4.2 ]

Checking rkhunter data files...
  Checking file mirrors.dat                                  [ No update ]
  Checking file programs_bad.dat                             [ Updated ]
  Checking file backdoorports.dat                            [ No update ]
  Checking file suspscan.dat                                 [ No update ]
  Checking file i18n/cn                                      [ No update ]
  Checking file i18n/de                                      [ No update ]
  Checking file i18n/en                                      [ No update ]
  Checking file i18n/tr                                      [ No update ]
  Checking file i18n/tr.utf8                                 [ No update ]
  Checking file i18n/zh                                      [ No update ]
  Checking file i18n/zh.utf8                                 [ No update ]

We are now ready to perform our first test. After the test, we can see errors and warnings.

cat /var/log/rkhunter.log

Step 4: Enabling email notification

vi /etc/rkhunter.conf

You can check your configuration file

rkhunter -C

Conclusion

We learned how to install and use rkhunter for discovering common vulnerabilities in Ubuntu.

AWS-Consulting-Partner

Talk to AWS Certified Consultant

    Related Blogs

    blog

    July 23, 2021

    AWS Root login Alert
    blog

    June 17, 2021

    Manage SSO using AWS Cognito
    blog

    March 30, 2021

    AWS CodeCommit Repository That Triggers Email Notifications

    Want to start a project?

    It’s simple.

    Contact us