Linux

check_rootkit

Write a Review

Description:

A constant thread – a security breach. This small plugin uses the capabilities of the “Rootkit Hunter”, an open source solution downloadable from http://sourceforge.net/projects/rkhunter/

Current Version

Last Release Date

June 17, 2009

Compatible With

Owner

Nagios Exchange

Website

http://www.progis.de/

Copy Page Link Recommend Login to Add to Favorites Login to Claim
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Download Now

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Project Files
FileDescription
check_rootkit.gz

Place this script in your libexec directory. Documentation in the script.

Project Notes
A constant thread - a security breach. This small plugin uses the capabilities of the "Rootkit Hunter", an open source solution downloadable from http://sourceforge.net/projects/rkhunter/ The plugin just starts the program rkhunter (you have to put the program in your /etc/sudoers) and returns a warning or an alert - or an ok if anything is fine. The command line in the perl script has to be modified conforming your needs. Please read the documentation from rootkit hunter carefully.
Reviews (2) Add a Review
fair
by oernii, April 30, 2012
1) double gzipped
2) I had to remove the --allow-ssh-root option
3) add an --nomow option, so that running it does not generate an email.
Helpful?    
Report
Unzipping
by gwrtheyrn, August 31, 2010
1. This file seems to be gzipped twice. To unzip, use:
gzip -cd check_rootkit.gz | gzip -d - > check_rootkit

2. Also, my rkhunter binary was in /usr/bin/rkhunter, not in /usr/local/bin/rkhunter.

3. I had to change parts of line 61 in the script to sudo "rkhunter --quiet --check", as my rkhunter version did not know the allow-ssh-root-user option (and I didn't want it anyways).


Besides that, nice script!
1 of 1 found this review helpful.
Helpful?  1  0
Report
Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Files Project Notes Reviews
Project Stats
Rating
3 (2)
Favorites
0
Views
150,683