{"id":240,"date":"2014-06-23T07:12:51","date_gmt":"2014-06-23T05:12:51","guid":{"rendered":"http:\/\/www.gerst-it.com\/blog\/?p=240"},"modified":"2014-06-23T07:15:52","modified_gmt":"2014-06-23T05:15:52","slug":"install-rkhunter","status":"publish","type":"post","link":"https:\/\/blog.gerst-it.com\/?p=240","title":{"rendered":"Install rkhunter"},"content":{"rendered":"

1.<\/strong>\u00a0Extract rkhunter<\/p>\n

tar zxf rkhunter-1.4.2.tar.gz<\/span><\/em><\/p>\n

2.<\/strong>\u00a0Install rkhunter in usr-directory<\/p>\n

cd rkhunter-1.4.2\/<\/span><\/em><\/p>\n

.\/installer.sh –layout \/usr –install<\/span><\/em><\/p>\n

3.<\/strong> rkhunter update<\/p>\n

rkhunter –update && rkhunter –propupd<\/span><\/p>\n

4. <\/strong>Create cronjob in \/etc\/cron.daily<\/p>\n

#!\/bin\/sh<\/em><\/p>\n

RKHUNTER=\/usr\/bin\/rkhunter<\/em><\/p>\n

test -x $RKHUNTER || exit 0<\/em><\/p>\n

# source our config<\/em>
\n. \/etc\/default\/rkhunter<\/em><\/p>\n

if [ -z „$NICE“ ]; then<\/em>
\n NICE=0<\/em>
\nfi<\/em><\/p>\n

case „$CRON_DAILY_RUN“ in<\/em>
\n [Yy]*)<\/em><\/p>\n

if [ ! -x \/usr\/bin\/wget ] && [ ! -x \/usr\/bin\/curl ] && [ ! -x \/usr\/bin\/links ] && \\<\/em>
\n [ ! -x \/usr\/bin\/elinks ] && [ ! -x \/usr\/bin\/lynx ]; then<\/em>
\n echo „No tool with which to download rkhunter updates was found on your system. Please install wget, curl, (e)links or lynx“<\/em>
\n exit 1<\/em>
\n fi<\/em><\/p>\n

(<\/em>
\n echo „Subject: [rkhunter] $(hostname -f) – database update“<\/em>
\n echo „To: $REPORT_EMAIL“<\/em>
\n echo „“<\/em>
\n $RKHUNTER –versioncheck –nolog –nocolors<\/em>
\n $RKHUNTER –update –nolog –nocolors<\/em>
\n ) | \/usr\/sbin\/sendmail $REPORT_EMAIL<\/em>
\n OUTFILE=`mktemp` || exit 1<\/em>
\n \/usr\/bin\/nice -n $NICE $RKHUNTER –cronjob –report-warnings-only –appendlog > $OUTFILE<\/em>
\n if [ -s „$OUTFILE“ ]; then<\/em>
\n (<\/em>
\n echo „Subject: [rkhunter] $(hostname -f) – Daily report“<\/em>
\n echo „To: $REPORT_EMAIL“<\/em>
\n echo „“<\/em>
\n cat $OUTFILE<\/em>
\n ) | \/usr\/sbin\/sendmail $REPORT_EMAIL<\/em>
\n fi<\/em>
\n rm -f $OUTFILE<\/em>
\n ;;<\/em>
\n *)<\/em>
\n exit 0<\/em>
\n ;;<\/em>
\nesac<\/em><\/p>\n

5.<\/strong>\u00a0Create rkhunter config\u00a0in \/etc\/default<\/p>\n

# Defaults for rkhunter cron jobs<\/em>
\n# sourced by \/etc\/cron.*\/rkhunter<\/em><\/p>\n

#<\/em>
\n# This is a POSIX shell fragment<\/em>
\n#<\/em><\/p>\n

# Set this to the email address where reports and run output should be sent<\/em>
\nREPORT_EMAIL=“root“<\/em><\/p>\n

# Set this to yes to enable rkhunter weekly database updates<\/em>
\nCRON_DB_UPDATE=“yes“<\/em><\/p>\n

# Set this to yes to enable reports of weekly database updates<\/em>
\nDB_UPDATE_EMAIL=“yes“<\/em><\/p>\n

# Set this to yes to enable rkhunter daily runs<\/em>
\nCRON_DAILY_RUN=“yes“<\/em><\/p>\n

# Nicenesses range from -20 (most favorable scheduling) to 19 (least favorable).<\/em>
\nNICE=“0″<\/em><\/p>\n

6.<\/strong>\u00a0Edit rkhunter Config\u00a0\/etc\/rkhunter<\/p>\n

ALLOWHIDDENDIR<\/em><\/p>\n

SCRIPTWHITELIST<\/em><\/p>\n

ALLOWDEVFILE<\/em><\/p>\n

APP_WHITELIST<\/em><\/p>\n

7.<\/strong>\u00a0Update rkhunter (Hash of config file)<\/p>\n

rkhunter –propupd<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

1.\u00a0Extract rkhunter tar zxf rkhunter-1.4.2.tar.gz 2.\u00a0Install rkhunter in usr-directory cd rkhunter-1.4.2\/ .\/installer.sh –layout \/usr –install 3. rkhunter update rkhunter –update && rkhunter –propupd 4. Create cronjob in \/etc\/cron.daily #!\/bin\/sh RKHUNTER=\/usr\/bin\/rkhunter test -x $RKHUNTER || exit 0 # source our config . \/etc\/default\/rkhunter if [ -z „$NICE“ ]; then NICE=0 fi case „$CRON_DAILY_RUN“ in [Yy]*) if […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-240","post","type-post","status-publish","format-standard","hentry","category-debian"],"_links":{"self":[{"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=\/wp\/v2\/posts\/240","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=240"}],"version-history":[{"count":3,"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=\/wp\/v2\/posts\/240\/revisions"}],"predecessor-version":[{"id":242,"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=\/wp\/v2\/posts\/240\/revisions\/242"}],"wp:attachment":[{"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.gerst-it.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}