How to install chkrootkit on CentOS 7

chkrootkit is a tool that’s used to determine if a Unix server has been compromised.

You can’t do yum install chkrootkit on CentOS so follow the instructions below instead:

yum update
yum install wget gcc-c++ glibc-static
wget -c ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.md5
md5sum -c chkrootkit.md5
chkrootkit.tar.gz: OK

tar –xzf chkrootkit.tar.gz
mkdir /usr/local/chkrootkit
mv chkrootkit-0.52/* /usr/local/chkrootkit
cd /usr/local/chkrootkit
make sense

To do a scan:

/usr/local/chkrootkit/chkrootkit

To enable automatic scanning:

You can add a cron entry for running chkrootkit automatically and send a scan report to your mail address. Create and add the following entries to “/etc/cron.daily/chkrootkit.sh”

#!/bin/sh
 (
 /usr/local/chkrootkit/chkrootkit
 ) | /bin/mail -s 'CHROOTKIT Daily Run (ServerName)' [email protected]

Reference

How to Install CHKROOTKIT on Ubuntu 18.04/Centos 7

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top