About: Chkrootkit is a common Unix-based program intended to help system administrators check their system for known rootkits.

Step 1. Run the following command to update your base system.

apt-get update -y

Step 2. Install Chkrootkit.

apt-get install chkrootkit -y

Step 3. Check the version of Chkrootkit

chkrootkit -V

Step 4. List out the options available with Chkrootkit

chkrootkit -h

Step 5. To list all the available tests with Chkrootkit

chkrootkit -l

Step 6. Now run the tests with the following command.

chkrootkit

Step 7. Run Chkrootkit with the -q option to list only output messages with 'infected' status.

chkrootkit -q

Step 8. To check all the files under a specified directory, pass it with the -r option, which makes Chkrootkit use that directory as the root directory.

chkrootkit -r /opt

Step 9. You can enable a daily check in the /etc/chkrootkit.conf file.

vi /etc/chkrootkit.conf
Change the line from:

RUN_DAILY="false"
to
RUN_DAILY="true"
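
Once the check runs every day, the same benign lines tend to reappear in the quiet-mode report from Step 7. The script below is an added example, not part of chkrootkit or of the original tutorial: it filters a saved report against a baseline of findings already reviewed, so only new lines are shown. The function names, the baseline file and the sample report lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of chkrootkit: report only the findings that are
# missing from a baseline an administrator has already reviewed.

# Mask process IDs such as "[2211]" so a finding matches its baseline entry
# even though the PID differs on every run. Baseline lines use "[PID]".
normalize() {
    sed -E 's/\[[0-9]+\]/[PID]/g'
}

# new_findings REPORT BASELINE
# Print non-blank REPORT lines that do not appear verbatim in BASELINE.
new_findings() {
    normalize < "$1" | grep -v '^[[:space:]]*$' |
        grep -v -x -F -f "$2" || true   # no new lines is not an error
}

# infected_count REPORT
# Print how many REPORT lines carry the INFECTED status.
infected_count() {
    grep -c 'INFECTED' "$1" || true     # grep -c prints 0 but exits 1
}

# Demonstration on constructed sample lines (not real scan output).
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/report" <<'EOF'
eth0: PACKET SNIFFER(/sbin/dhclient[2211])

Checking `bindshell'... INFECTED (PORTS:  465)
EOF
    # Reviewed baseline: the DHCP client line was accepted as benign.
    printf '%s\n' 'eth0: PACKET SNIFFER(/sbin/dhclient[PID])' > "$tmp/baseline"
    echo "new findings:"
    new_findings "$tmp/report" "$tmp/baseline"
    echo "INFECTED lines: $(infected_count "$tmp/report")"
    rm -rf "$tmp"
}

demo
```

To use it on a real host, save the output of chkrootkit -q to a file and pass that file and the baseline to new_findings. Add a line to the baseline only after investigating it.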
