rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, and by searching for default rootkit directories, wrong permissions, hidden files and suspicious strings in kernel modules, along with special tests for Linux and FreeBSD. The tool is written in Bourne shell for portability and runs on almost all UNIX-derived systems.
This tutorial explains the detailed steps to install rkhunter on a Linux server.
Step 1: Log in to the server over SSH
Step 2: Change the working directory
Step 3: Download the package
Step 4: Extract the downloaded package
# tar -zxvf rkhunter-1.4.0.tar.gz
Step 5: Change to the extracted folder
Step 6: Install rkhunter using the command below
Step 7: Scan the server with rkhunter
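
The introduction describes comparing file hashes against known good values and flagging wrong permissions. The script below illustrates that idea as an added example; it is not rkhunter's own code. The function names are hypothetical, it assumes GNU `sha1sum` and `stat`, and it compares against a locally recorded baseline rather than an online database.

```shell
#!/bin/sh
# Added illustration, not rkhunter's code; all function names are hypothetical.
# Requires GNU coreutils (sha1sum, stat -c), as found on a typical Linux server.

# record_baseline FILE...: print "<sha1> <octal-mode> <path>" per regular file.
record_baseline() {
    for f in "$@"; do
        [ -f "$f" ] || continue
        printf '%s %s %s\n' "$(sha1sum "$f" | cut -d' ' -f1)" "$(stat -c '%a' "$f")" "$f"
    done
}

# check_baseline BASELINE: re-hash every listed file and print one finding per
# line. Returns 0 when nothing differs, 1 otherwise.
check_baseline() {
    rc=0
    while read -r want_sum want_mode path; do
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; rc=1; continue
        fi
        have_sum=$(sha1sum "$path" | cut -d' ' -f1)
        have_mode=$(stat -c '%a' "$path")
        [ "$have_sum" = "$want_sum" ] || { echo "HASH_CHANGED $path"; rc=1; }
        [ "$have_mode" = "$want_mode" ] || { echo "MODE_CHANGED $path $want_mode->$have_mode"; rc=1; }
        # Last octal digit with the write bit set means world-writable.
        case "$have_mode" in
            *[2367]) echo "WORLD_WRITABLE $path"; rc=1 ;;
        esac
    done < "$1"
    return "$rc"
}

# demo: constructed sample files in a temp dir, one modified and one chmod'ed.
demo() {
    d=$(mktemp -d) || return 1
    printf 'original\n' > "$d/ls"; chmod 755 "$d/ls"
    printf 'original\n' > "$d/ps"; chmod 755 "$d/ps"
    record_baseline "$d/ls" "$d/ps" > "$d/baseline"
    printf 'replaced\n' > "$d/ls"   # content no longer matches the baseline
    chmod 777 "$d/ps"               # permissions loosened after the baseline
    findings=$(check_baseline "$d/baseline") || true
    rm -rf "$d"
    printf '%s\n' "$findings" | sed "s|$d/||"   # show paths relative to the temp dir
}

[ "${1:-}" != "--demo" ] || demo   # run the constructed demo only when asked
```

Running the script with `--demo` prints the findings for the constructed files. A baseline is only trustworthy if it was recorded on a known clean system and is stored where an intruder cannot rewrite it.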