Install rkhunter

dicko

Joined
Oct 24, 2008
Messages
4,099
Likes
0
Points
0
#1
A follow up (perhaps a follow behind) of a recent post in these fora, of a poor bastartd who was possibly penetrated, and for those who take security seriously, we surely all need a "root Kit" detector, how many of us have one?

So, I suggest rkhunter, in reality this needs to be installed BEFORE most anything or all bets are off or the MD5sums might already be compromised.

Make sure you have the epel repo installed in /etc/yum.repos.d


Code:
[epel]
name=Extra Packages for Enterprise Linux 5 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/5/$basearch
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch
failovermethod=priority
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL

[epel-debuginfo]
name=Extra Packages for Enterprise Linux 5 - $basearch - Debug
#baseurl=http://download.fedoraproject.org/pub/epel/5/$basearch/debug
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1

[epel-source]
name=Extra Packages for Enterprise Linux 5 - $basearch - Source
#baseurl=http://download.fedoraproject.org/pub/epel/5/SRPMS
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1
yum install --enablerepo=epel* rkhunter

edit the email address in the enclosed /etc/rkhunter.conf file which is of course the rkhunter.txt file enclosed (brain-dead stupid effing software :) and move it there appropriately )


then

rkhunter --propupd

you should be good to go.

these settings should make your notifications from rkhunter relatively quiet, and only tell you when there is a real problem.

http://forum.elastix.org/old_files/rkhunter.txt
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,902
Messages
130,886
Members
17,563
Latest member
dineshr
Top