How To Install rkhunter on Debian 10

Rootkit Hunter (Rkhunter) is an open-source scanning tool for Linux/Unix systems, offered under the GPL, that detects backdoors, rootkits, and local exploits on your system. It scans for hidden files, binaries with incorrect permissions, and potentially malicious strings in the kernel.

This guide walks you through the installation and configuration of Rkhunter on Debian 10.

Step 1: Configure VPSie cloud server

  1. Log in to your VPSie account, then sign in to your system or register a newly created one.
  2. Connect by SSH using the credentials we emailed you.
  3. Once you have logged into your Debian instance, run these commands to update your system:

apt-get update && apt-get upgrade -y

Step 2: Installing Rkhunter

Install Rkhunter with the following command:

sudo apt install rkhunter -y

Step 3: Configuring Rkhunter

To keep track of all possible threats, Rkhunter stores information in data files. Be aware that the default Debian configuration cannot update these files. Follow these steps to resolve this issue:

  • Using nano, edit the /etc/rkhunter.conf file.

sudo nano /etc/rkhunter.conf

  • To search, press CTRL + W and type WEB_CMD="/bin/false". Disable the statement by adding a # at the beginning of the line.

# WEB_CMD="/bin/false"

  • Use CTRL + W to locate UPDATE_MIRRORS, then set its value to 1.

UPDATE_MIRRORS=1

  • Use CTRL + W to locate MIRRORS_MODE, then set its value to 0.

MIRRORS_MODE=0

  • When done, save the file and close it.

Step 4: Verify the configuration file

sudo rkhunter -C
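
The Step 3 edits can also be applied without an editor, which helps when the same change has to land on several servers. The script below is an added example, not part of the original tutorial or of Rkhunter itself; the function names, the .orig backup suffix, and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: Step 3's edits applied non-interactively. Function names are hypothetical.

# get_option FILE NAME: print the value of the last active (uncommented) NAME= line.
get_option() {
    sed -n "s|^[[:space:]]*$2[[:space:]]*=[[:space:]]*||p" "$1" | tail -n 1
}

# set_option FILE NAME VALUE: rewrite active NAME= lines, or append one if none is active.
# Writing back with cat keeps the file's existing owner and mode.
set_option() {
    if grep -Eq "^[[:space:]]*$2[[:space:]]*=" "$1"; then
        sed "s|^[[:space:]]*$2[[:space:]]*=.*|$2=$3|" "$1" > "$1.tmp" &&
            cat "$1.tmp" > "$1" && rm -f "$1.tmp"
    else
        printf '%s=%s\n' "$2" "$3" >> "$1"
    fi
}

# enable_rkhunter_updates FILE: returns 0 only if all three settings are in place afterwards.
enable_rkhunter_updates() {
    conf=$1
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }
    # Keep the first pristine copy so repeated runs never overwrite it.
    [ -e "$conf.orig" ] || cp -p "$conf" "$conf.orig" || return 1
    # Comment out the active WEB_CMD="/bin/false" line; commented lines are left alone.
    sed 's|^[[:space:]]*WEB_CMD[[:space:]]*=[[:space:]]*"/bin/false".*|# WEB_CMD="/bin/false"|' \
        "$conf" > "$conf.tmp" && cat "$conf.tmp" > "$conf" && rm -f "$conf.tmp" || return 1
    set_option "$conf" UPDATE_MIRRORS 1 || return 1
    set_option "$conf" MIRRORS_MODE 0 || return 1
    # Verify the result instead of trusting the edits.
    [ "$(get_option "$conf" UPDATE_MIRRORS)" = 1 ] &&
        [ "$(get_option "$conf" MIRRORS_MODE)" = 0 ] &&
        ! grep -Eq '^[[:space:]]*WEB_CMD[[:space:]]*=[[:space:]]*"/bin/false"' "$conf"
}

# write_sample_conf FILE: constructed sample (not a real rkhunter.conf); the starting
# values are assumed, chosen to be the opposite of what Step 3 sets.
write_sample_conf() {
    cat > "$1" <<'EOF'
#UPDATE_MIRRORS=1
UPDATE_MIRRORS=0
MIRRORS_MODE=1
WEB_CMD="/bin/false"
EOF
}
```

Run enable_rkhunter_updates /etc/rkhunter.conf as root, then repeat the sudo rkhunter -C check from Step 4.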

Step 5: Update the data files and perform a local system check

Update the data files:

sudo rkhunter --update

Check the local system:

sudo rkhunter --check

That’s it. Thanks for reading! I hope it was informative for you!
