rootkithunter installation and configuration



What is rootkithunter ?



Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:



- MD5 hash compare

- Look for default files used by rootkits

- Wrong file permissions for binaries

- Look for suspected strings in LKM and KLD modules

- Look for hidden files

- Optional scan within plaintext and binary files



Rootkit Hunter is released as GPL licensed project and free for everyone to use.



* No, not really 99.9%.. It's just another security layer



Rootkithunter FAQ



http://www.rootkit.nl/articles/rootkit_hunter_faq.html

RootkitHunter Scanning techniques



http://www.rootkit.nl/articles/rootkit_scanning_techniques.html

Download Rootkithunter



http://www.rootkit.nl/projects/rootkit_hunter.html

Rootkihunter Installation in Debian

If you want to install rootkit hunter in debian you need to add the unstable source list to your /etc/apt/sources.list file.Once you add this you need to run the following command.



#apt-get install rkhunter