How to install rkhunter in ubuntu?

malware rootkit rkhunter
13,831

The package rkhunter is in the repos, so just

sudo apt-get install rkhunter

So is chkrootkit

sudo apt-get install chkrootkit

"rkhunter vs chkrootkit?" comparison from wikipedia

rkhunter

rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.

The tool has been written in Bourne shell, to allow for portability. It can run on almost all UNIX-derived systems.

chkrootkit

chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures and for comparing a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.

It can be used from a "rescue disc" (typically a Live CD) or it can optionally use an alternative directory from which to run all of its own commands. These techniques allow chkrootkit to trust the commands upon which it depends a bit more.

There are inherent limitations to the reliability of any program that attempts to detect compromises (such as rootkits and computer viruses). Newer rootkits may specifically attempt to detect and compromise copies of the chkrootkit programs or take other measures to evade detection by them.

Share:
13,831

Related videos on Youtube

Admin
Author by

Admin

Updated on September 18, 2022

Comments

  • Admin
    Admin over 1 year

    Ok I know the question sounds strange but I need help installing rkhunter the accurate way and do I need to follow all the steps in this article https://help.ubuntu.com/community/RKhunter?

    • Admin
      Admin over 8 years
      rkhunter vs chkrootkit?
  • Admin
    Admin over 8 years
    Wait what about this article help.ubuntu.com/community/RKhunter do I need to do all that stuff in the instructions.
  • Admin
    Admin over 8 years
    So that's optional.
  • Mark Kirby
    Mark Kirby over 8 years
    Yes the bottom ha#lf of the page is just hiding the warnings, it does not matter if you hide them or not, your choice.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

rkhunter psswd and group file changes warning
If I have clamav do I need to install rootkit hunter
Popup ad virus on both chrome and firefox
chkrootkit shows "tcpd" as INFECTED. Is it a false positive?
Is there a way to find rootkits on 64-bit Windows 7
Rootkit Revealer is failing to run, why?
how to find out what created a file?
eth0: PACKET SNIFFER(/sbin/dhclient
UAC being turned off once a day on Windows 7
Can windows viruses affect my encrypted linux partition on the same disk?