Rootkit Hunter Reviews

about Rootkit Hunter · · Helpful Not helpful Report as spam

This software still in production
the mailling list is active (and I just succeed an installation and to receive update)

And just succeed my installation. The only pain was they change their setup during 2018 and few distro like debian didn't bother to update the config file.

my mini how-to

  1. apt install -y rkhunter
  2. nano /etc/rkhunter.conf

than change those lines
> UPDATE_MIRRORS=0 --> UPDATE_MIRRORS=1
> MIRRORS_MODE=1 --> MIRRORS_MODE=0
> WEB_CMD="/bin/false" --> WEB_CMD=curl

  1. rkhunter --update
  2. rkhunter --propupd

than create your own cron (/etc/cron.daily/rkhunter.sh)

> (
> /usr/bin/rkhunter --versioncheck
> /usr/bin/rkhunter --update
> /usr/bin/rkhunter --cronjob --report-warnings-only
> ) | /usr/bin/mail -s 'rkhunter Daily Run $(hostname -s)' ${EMAIL}
>

reply