Rootkit cleaner

RootKits enable a remote person to take control over your server. That's really bad !! You have to protect yourself against these attacks.

Required programs

apt-get install rkhunter unhide

Update RootKit definitions

rkhunter --propupd
rkhunter --update

Search for RootKits

You can search for any rootkit in your computer with rkhunter :

rkhunter -c

RootKit hunter [rkhunter] configuration

You can configure rkhunter :

vim /etc/rkhunter.conf

To suppress the “Warning : the modules files ‘/proc/modules’ is missing” you need to add a skip test, line 246

DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps os_specific"

According to your specific configuration, you need to adjust some specifics folders, line 438