Rootkit cleaner


RootKits enable a remote person to take control over your server. That's really bad !! You have to protect yourself against these attacks.


Required programs

apt-get install rkhunter unhide


Update RootKit definitions

rkhunter --propupd
rkhunter --update


Search for RootKits

You can search for any rootkit in your computer with rkhunter : 

rkhunter -c


RootKit hunter [rkhunter] configuration

You can configure rkhunter : 

vim /etc/rkhunter.conf


To suppress the “Warning : the modules files ‘/proc/modules’ is missing” you need to add a skip test, line 246 

DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps os_specific"


According to your specific configuration, you need to adjust some specifics folders, line 438 

allowhiddendir=/dev/.udev
Retrieved from "http://www.daxiongmao.eu/wiki/index.php?title=Rootkit_cleaner&oldid=686"