Installing Rkhunter (Rootkit Hunter)

First download the latest stable version of Rkhunter tool:


Once you have downloaded the latest version, run the following commands as a root user to install it:

tar -xvf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./ --layout default --install

Run the RKH updater to fill the database properties by running the following commands:

/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter -propupd

Create a file called under /etc/cron.daily/, which then scans your file system every day and sends email notifications to your email id. Create following file:

nano /etc/cron.daily/

Add the following lines of code to it and replace "YourServerNameHere" with your "Server Name" and "" with your "Email":

/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)'

Set execute permission on the file:

chmod 755 /etc/cron.daily/

To scan the entire file system manually, run the Rkhunter as a root user.

rkhunter -check

The above command generates a log file under /var/log/rkhunter.log with the checked results made by Rkhunter. 

For more information and options please run the following command:

rkhunter --help 

Was this answer helpful?

 Print this Article

Also Read

Secure VPS Tips

Here is a simple, straightforward guide to improve VPS security. Change the SSH port One of the...

Working with a compromised VPS

An exploited or hacked VPS is one that is no longer fully under your control. Someone else is now...

Close an Open DNS

The terms Open and Closed are now used to describe DNS servers in the following context: Open...

Troubleshoot slow internet connection

This article describes some of the most common causes for slow Internet connection. Follow these...

Secure mail server checklist

Setup of email server in Linux is simple, but your job does not end there. Customer had...