rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.
This is a rootkit hunter tool. You can install it and configure as a daily cron. This will also help to do a daily scanning for rootkits.
cd /usr/local/src rm -rf rkhunter* wget http://files.blog.xeonbd.com/rkhunter-1.4.0.tar.gz tar -xzf rkhunter-1.4.0.tar.gz cd rkhunter-1.4.0/ sh installer.sh --install
Setup RKHunter to e-mail you you daily scan reports at /etc/cron.daily/rkhunter.sh
You can setup a cron as follows,
#!/bin/bash EMAIL="youremail@yourdomain.tld" /usr/local/bin/rkhunter --update /usr/local/bin/rkhunter -sk -c --nocolors --versioncheck | mail -s "XeonBD: RKhunter Scan Details" $EMAIL
