Step 1: Downloading Rkhunter

First download the latest stable version of Rkhunter tool by going to Rootkit Hunter - Malware detection for Unix/Linux systems or use below Wget command to download it on your systems.
# cd /tmp
# wget 307 Temporary Redirect Step 2: Installing Rkhunter

Once you have downloaded the latest version, run the following commands as a root user to install it.
# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh --layout default --install Step 3: Updating Rkhunter

Run the RKH updater to fill the database properties by running the following command.
# /usr/local/bin/rkhunter --update
# /usr/local/bin/rkhunter --propupd Step 4: Setting Cronjob and Email Alerts

Create a file called rkhunter.sh under /etc/cron.daily/, which then scans your file system every day and sends email notifications to your email id. Create following file with the help of your favourite editor.
# vi /etc/cron.daily/rkhunter.sh Add the following lines of code to it and replace “YourServerNameHere” with your “Server Name” and “[email protected]” with your “Email Id“.
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run (PutYourServerNameHere)' [email protected] Set execute permission on the file.
# chmod 755 /etc/cron.daily/rkhunter.sh Step 5: Manual Scan and Usage

To scan the entire file system, run the Rkhunter as a root user.
# rkhunter --check The above command generates log file under /var/log/rkhunter.log with the checks results made by Rkhunter. For more information and options please run the following command.

# rkhunter --help If you liked this article, then sharing is the right way to say thanks
Install Rkhunter (Rootkit Hunter) in RHEL, CentOS and Fedora