antivirus

Howto: Setup Cron job for RK-Hunter


To set up a daily RK-Hunter scan report delivered by email:

[root@server21 ~]# vi /etc/cron.daily/rkhunter.sh

Add the lines below to the file, changing the email address to your own.

#!/bin/bash
# Run the scan non-interactively (--rwo reports warnings only) and mail the result.
/usr/local/bin/rkhunter --cronjob --rwo --nocolors | mail -s "Rkhunter daily run on $(uname -n)" user@domain.com
exit

Give the file execute permission:

[root@server21 ~]# chmod +x /etc/cron.daily/rkhunter.sh

Now you can receive daily security reports generated by RKHunter through email.
That’s it 🙂
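
A more defensive variant of the cron script above, as an added example that is not part of the original post: piping rkhunter straight into mail discards the scanner's exit status, so a scanner that could not run is hard to tell from a clean run. The variable names, the OK/WARNINGS/FAILED labels and the file-name guard are assumptions made for this example.

```bash
#!/bin/bash
# Added example, not the original post's script: cron wrapper for rkhunter.
# Defaults follow the post; override the three variables as needed.
RKHUNTER="${RKHUNTER:-/usr/local/bin/rkhunter}"
MAILER="${MAILER:-mail}"
MAILTO="${MAILTO:-user@domain.com}"

# classify_run STATUS OUTPUT -> prints OK, WARNINGS or FAILED.
# Assumption: any output under --rwo, or any other non-zero exit status,
# deserves a look; 126/127 are the shell's "could not execute" codes.
classify_run() {
    case "$1" in
        126|127) echo "FAILED" ;;
        0) if [ -z "$2" ]; then echo "OK"; else echo "WARNINGS"; fi ;;
        *) echo "WARNINGS" ;;
    esac
}

# Run the scan, keep its exit status (a plain pipe into mail would discard
# it) and send exactly one mail whose subject carries the verdict.
daily_report() {
    if rk_output="$("$RKHUNTER" --cronjob --rwo --nocolors 2>&1)"; then
        rk_status=0
    else
        rk_status=$?
    fi
    rk_verdict="$(classify_run "$rk_status" "$rk_output")"
    # A clean --rwo run prints nothing; say so instead of mailing an empty body.
    [ -n "$rk_output" ] || rk_output="No warnings reported."
    printf '%s\n(rkhunter exit status: %s)\n' "$rk_output" "$rk_status" |
        "$MAILER" -s "[$rk_verdict] Rkhunter daily run on $(uname -n)" "$MAILTO"
}

# Scan only when installed under the post's file name, so that sourcing the
# functions elsewhere has no side effects.
case "$0" in
    */rkhunter.sh) daily_report ;;
esac
```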


Howto: Opensource Antivirus for webhosting servers


 RK-hunter (RootKit Hunter) 

However well we secure our servers against virus attacks, there may still be some way for a virus to get into our premises without proper rights. So we have to install anti-virus software on the server; it will spare us the headache of dealing with viruses.

Most freeware tools are outdated and scan without proper virus definitions. Here I describe a more suitable anti-virus for this type of public UNIX server; moreover, we can update its definitions periodically.

Download RK-Hunter

Installation:

[root@server21 ~]# wget  http://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz
[root@server21 ~]# tar -zxvf rkhunter-1.4.0.tar.gz
[root@server21 ~]# cd rkhunter-1.4.0
[root@server21 rkhunter-1.4.0]# ./installer.sh --install

Default installation location is /usr/local/rkhunter

If you need to install RK-Hunter to a custom location, use the command below:

[root@server21 rkhunter-1.4.0]# ./installer.sh --layout custom /path/to/directory --install

Updating definitions:

This gets the latest database updates from their central server and matches your OS better to prevent false positives.

rkhunter --update

Now you can run a test scan with the following command:

rkhunter -c

Help:

[root@server21 rkhunter-1.4.0]# ./installer.sh
 Rootkit Hunter installer 1.2.16
Usage: ./installer.sh <parameters>
Ordered valid parameters:
 --help (-h)      : Show this help.
 --examples       : Show layout examples.
 --layout <value> : Choose installation template.
 The templates are:
 - default: (FHS compliant; the default)
 - /usr
 - /usr/local
 - oldschool: old version file locations
 - custom: supply your own installation directory
 - RPM: for building RPM's. Requires $RPM_BUILD_ROOT.
 - DEB: for building DEB's. Requires $DEB_BUILD_ROOT.
 - TGZ: for building Slackware TGZ's. Requires $TGZ_BUILD_ROOT.
 - TXZ: for building Slackware TXZ's. Requires $TXZ_BUILD_ROOT.
 --striproot      : Strip path from custom layout (for package maintainers).
 --install        : Install according to chosen layout.
 --overwrite      : Overwrite the existing configuration file.
 (Default is to create a separate configuration file.)
 --show           : Show chosen layout.
 --remove         : Uninstall according to chosen layout.
 --version        : Show the installer version.