rkhunter使用

1、下载地址：http://jaist.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.6/

2、上传至Linux后解压

3、编译安装

[root@test rkhunter-1.4.6]# ./installer.sh --layout default --install
Checking system for:
 Rootkit Hunter installer files: found
 A web file download command: wget found
Starting installation:
 Checking installation directory "/usr/local": it exists and is writable.
 Checking installation directories:
  Directory /usr/local/share/doc/rkhunter-1.4.6: creating: OK
  Directory /usr/local/share/man/man8: exists and is writable.
  Directory /etc: exists and is writable.
  Directory /usr/local/bin: exists and is writable.
  Directory /usr/local/lib64: exists and is writable.
  Directory /var/lib: exists and is writable.
  Directory /usr/local/lib64/rkhunter/scripts: creating: OK
  Directory /var/lib/rkhunter/db: creating: OK
  Directory /var/lib/rkhunter/tmp: creating: OK
  Directory /var/lib/rkhunter/db/i18n: creating: OK
  Directory /var/lib/rkhunter/db/signatures: creating: OK
 Installing check_modules.pl: OK
 Installing filehashsha.pl: OK
 Installing stat.pl: OK
 Installing readlink.sh: OK
 Installing backdoorports.dat: OK
 Installing mirrors.dat: OK
 Installing programs_bad.dat: OK
 Installing suspscan.dat: OK
 Installing rkhunter.8: OK
 Installing ACKNOWLEDGMENTS: OK
 Installing CHANGELOG: OK
 Installing FAQ: OK
 Installing LICENSE: OK
 Installing README: OK
 Installing language support files: OK
 Installing ClamAV signatures: OK
 Installing rkhunter: OK
 Installing rkhunter.conf: OK
 Installation complete

4、常用参数

5、检查系统

[root@Nginx_Proxy ~]# /usr/local/bin/rkhunter --check --skip-keypress
[ Rootkit Hunter version 1.4.6 ]
.......

6、内容分析这部分内容是一个总的概况

System checks summary
=====================

File properties checks...
Required commands check failed
Files checked: 144
Suspect files: 5

Rootkit checks...
Rootkits checked : 505
Possible rootkits: 0

Applications checks...
All checks skipped

The system checks took: 8 minutes and 45 seconds