RKHunter – (RootKit Hunter) is a security scanning tool which will scan for rootkits, backdoors, and local exploits. It is an intrustion detection program for Linux OS which has been widely used by many server administrators. Sometimes there is a false alarm but most of the time you need to check the problematic areas Rkhunter points out.

Use these commands to install it:

http://kent.dl.sourceforge.net/project/rkhunter/rkhunter/1.3.4/rkhunter-1.3.4.tar.gz

tar zxf rkhunter*
cd rkhunter-1.3.4
./installer.sh –layout default –install

Let’s set up RKhunter to email you daily the scan reports via email

pico /etc/cron.daily/rkhunter.sh

add the following replacing your email address:

#!/bin/bash
(/usr/local/bin/rkhunter -c –cronjob 2>&1 | mail -s “Daily Rkhunter Scan Report” email@domain.com)

chmod +x /etc/cron.daily/rkhunter.sh

Now you can run a test scan with the following command:

/usr/local/bin/rkhunter -c