December 1, 2020 / Nirav Shah
Rkhunter is a common tool for scanning your system for finding general vulnerabilities.
Step 1: Installing dependencies
$apt-get install binutils libreadline5 libruby ruby ruby ssl-cert unhide.rb mailutils
Step 2: Installing rkhunter
Untar the download
$tar xzvf rkhunter*
Go to the rkhunter directory
$cd rkhunter* Install rkhunter: ./installer.sh --layout /usr --install
If the proper installation is done, you will get output like this
Checking system for: Rootkit Hunter installer files: found A web file download command: wget found Starting installation: Checking installation directory "/usr": it exists and is writable. Checking installation directories: Directory /usr/share/doc/rkhunter-1.4.2: creating: OK Directory /usr/share/man/man8: exists and is writable. Directory /etc: exists and is writable. Directory /usr/bin: exists and is writable. Directory /usr/lib: exists and is writable. Directory /var/lib: exists and is writable. Directory /usr/lib/rkhunter/scripts: creating: OK Directory /var/lib/rkhunter/db: creating: OK Directory /var/lib/rkhunter/tmp: creating: OK Directory /var/lib/rkhunter/db/i18n: creating: OK Directory /var/lib/rkhunter/db/signatures: creating: OK Installing check_modules.pl: OK Installing filehashsha.pl: OK Installing stat.pl: OK Installing readlink.sh: OK Installing backdoorports.dat: OK Installing mirrors.dat: OK Installing programs_bad.dat: OK Installing suspscan.dat: OK Installing rkhunter.8: OK Installing ACKNOWLEDGMENTS: OK Installing CHANGELOG: OK Installing FAQ: OK Installing LICENSE: OK Installing README: OK Installing language support files: OK Installing ClamAV signatures: OK Installing rkhunter: OK Installing rkhunter.conf: OK Installation complete
Step 3: Check the rkhunter version
$rkhunter --update [ Rootkit Hunter version 1.4.2 ] Checking rkhunter data files... Checking file mirrors.dat [ No update ] Checking file programs_bad.dat [ Updated ] Checking file backdoorports.dat [ No update ] Checking file suspscan.dat [ No update ] Checking file i18n/cn [ No update ] Checking file i18n/de [ No update ] Checking file i18n/en [ No update ] Checking file i18n/tr [ No update ] Checking file i18n/tr.utf8 [ No update ] Checking file i18n/zh [ No update ] Checking file i18n/zh.utf8 [ No update ]
We are now ready to perform our first test. After the test, we can see errors and warnings.
Step 4: Enabling email notification
You can check your configuration file
We learned how to install and use rkhunter for discovering common vulnerabilities in Ubuntu.
As a Director of Eternal Web Private Ltd an AWS consulting partner company, Nirav is responsible for its operations. AWS, cloud-computing and digital transformation are some of his favorite topics to talk about. His key focus is to help enterprises adopt technology, to solve their business problem with the right cloud solutions.
Have queries about your AWS project ideas and concepts? Please drop in your project details to discuss with our AWS experts, professionals and consultants.