rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.

Step 1. Installation

apt-get install rkhunter

Step 2. How to use rkhunter

After install you can use rkhunter to scan your linux for rootkits with command:

rkhunter -c

Page 1 of 11