Linux

check_rootkit

Write a Review

Description:

A constant thread – a security breach. This small plugin uses the capabilities of the “Rootkit Hunter”, an open source solution downloadable from http://sourceforge.net/projects/rkhunter/

Current Version

Last Release Date

June 17, 2009

Compatible With

Owner

Nagios Exchange

Website

http://www.progis.de/

Copy Page Link Recommend Login to Add to Favorites
Project Files
FileDescription
check_rootkit.gz

Place this script in your libexec directory. Documentation in the script.

Project Notes
A constant thread - a security breach. This small plugin uses the capabilities of the "Rootkit Hunter", an open source solution downloadable from http://sourceforge.net/projects/rkhunter/ The plugin just starts the program rkhunter (you have to put the program in your /etc/sudoers) and returns a warning or an alert - or an ok if anything is fine. The command line in the perl script has to be modified conforming your needs. Please read the documentation from rootkit hunter carefully.
Reviews (2) Add a Review
fair
by oernii, April 30, 2012

1) double gzipped 2) I had to remove the --allow-ssh-root option 3) add an --nomow option, so that running it does not generate an email.


Unzipping
by gwrtheyrn, August 31, 2010

1. This file seems to be gzipped twice. To unzip, use: gzip -cd check_rootkit.gz | gzip -d - > check_rootkit 2. Also, my rkhunter binary was in /usr/bin/rkhunter, not in /usr/local/bin/rkhunter. 3. I had to change parts of line 61 in the script to sudo "rkhunter --quiet --check", as my rkhunter version did not know the allow-ssh-root-user option (and I didn't want it anyways). Besides that, nice script!


Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Files Project Notes Reviews
Project Stats
Rating
3 (2)
Favorites
0
Views
150,712