First, download the latest version of rkhunter from http://www.rootkit.nl/projects/rootkit_hunter.html.

Installation:

tar -zxvf rkhunter-1.3.8.tar.gz
cd rkhunter-1.3.8
./installer.sh --install
./installer.sh --show

rkhunter is now installed. Next, update it:

rkhunter --update
rkhunter --propupd
/usr/local/bin/rkhunter --cronjob -l --nomow --rwo
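
The cron run above writes its findings to the log file, so something still has to read that log. The following is an added example, not part of the original page or of rkhunter: a small POSIX shell helper that summarises the warnings in the log and treats a missing log as a failure. The function names are hypothetical, the sample log is constructed, and the "[HH:MM:SS] Warning: ..." line format is an assumption about the log layout.

```shell
#!/bin/sh
# Added example (not part of rkhunter). Function names are hypothetical.
# Assumption: warnings are logged as "[HH:MM:SS] Warning: <text>".

# Print each warning message, timestamp stripped, one per line.
rkh_warnings() {
    sed -n 's/^\[[0-9:]*] *Warning: *//p' "$1"
}

# Print the number of warning lines in the log.
rkh_warning_count() {
    rkh_warnings "$1" | wc -l | tr -d ' '
}

# Return 0 if the log is clean, 1 if it holds warnings, and 2 if the log
# is missing or unreadable, so a scan that never ran is not read as clean.
rkh_check_log() {
    log=${1:-/var/log/rkhunter.log}
    if [ ! -r "$log" ]; then
        echo "rkhunter log not readable: $log" >&2
        return 2
    fi
    n=$(rkh_warning_count "$log")
    if [ "$n" -gt 0 ]; then
        echo "rkhunter reported $n warning(s):"
        rkh_warnings "$log" | sed 's/^/  /'
        return 1
    fi
    echo "rkhunter: no warnings"
}

# Constructed sample log for trying the functions offline.
rkh_sample_log() {
    cat <<'EOF'
[03:10:01] Running Rootkit Hunter version 1.3.8 on examplehost
[03:10:04]   /usr/bin/lwp-request                [ Warning ]
[03:10:04] Warning: The command '/usr/bin/lwp-request' has been replaced by a script
[03:11:20]   Checking for hidden files and directories   [ Warning ]
[03:11:20] Warning: Hidden directory found: /dev/.udev
[03:12:00] Info: End of constructed sample
EOF
}

# When given a log path as argument, check it and exit with that status.
if [ "$#" -gt 0 ]; then
    rkh_check_log "$1"
    exit $?
fi
```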

How to use:

Usage:
rkhunter
Check the system, performs all tests.
Create a logfile (default /var/log/rkhunter.log)
Run as cronjob (removes colored layout)
Show help about usage
Don't use colors for output (some terminals don't like colors or extended layout characters)
Don't show uninteresting information for reports, like header/footer. Interesting when scanning from crontab or with usage of other applications.
Don't wait after every test (makes it non-interactive)
Perform quick scan (instead of full scan). Skips some tests and performs some enhanced tests (less suitable for normal scans).
Show version and quit
Check for latest version
Dynamic paths
Uses another directory when search for binaries (use instead of using default binaries)
Uses a different configuration file (instead of default one)
Uses another directory for the databases (instead of the default one, often /usr/local/rkhunter/db)
Uses another rootdirectory (normally '/'). So all binaries and tests will be performed on this directory instead of the default .
Uses another directory for temporary storage of files
Explicit scan options:
Disable MD5 checks
Disable passwd/group checks
Perform besides 'known good' check a 'known bad' check