rkhunter使用
1、下载地址:http://jaist.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.6/
2、上传至Linux后解压
3、编译安装
[root@test rkhunter-1.4.6]# ./installer.sh --layout default --install Checking system for: Rootkit Hunter installer files: found A web file download command: wget found Starting installation: Checking installation directory "/usr/local": it exists and is writable. Checking installation directories: Directory /usr/local/share/doc/rkhunter-1.4.6: creating: OK Directory /usr/local/share/man/man8: exists and is writable. Directory /etc: exists and is writable. Directory /usr/local/bin: exists and is writable. Directory /usr/local/lib64: exists and is writable. Directory /var/lib: exists and is writable. Directory /usr/local/lib64/rkhunter/scripts: creating: OK Directory /var/lib/rkhunter/db: creating: OK Directory /var/lib/rkhunter/tmp: creating: OK Directory /var/lib/rkhunter/db/i18n: creating: OK Directory /var/lib/rkhunter/db/signatures: creating: OK Installing check_modules.pl: OK Installing filehashsha.pl: OK Installing stat.pl: OK Installing readlink.sh: OK Installing backdoorports.dat: OK Installing mirrors.dat: OK Installing programs_bad.dat: OK Installing suspscan.dat: OK Installing rkhunter.8: OK Installing ACKNOWLEDGMENTS: OK Installing CHANGELOG: OK Installing FAQ: OK Installing LICENSE: OK Installing README: OK Installing language support files: OK Installing ClamAV signatures: OK Installing rkhunter: OK Installing rkhunter.conf: OK Installation complete
4、常用参数
5、检查系统
[root@Nginx_Proxy ~]# /usr/local/bin/rkhunter --check --skip-keypress [ Rootkit Hunter version 1.4.6 ]
.......
6、内容分析这部分内容是一个总的概况
System checks summary ===================== File properties checks... Required commands check failed Files checked: 144 Suspect files: 5 Rootkit checks... Rootkits checked : 505 Possible rootkits: 0 Applications checks... All checks skipped The system checks took: 8 minutes and 45 seconds