Install Chkrootkit on your Ubuntu 22.10 Kinetic Kudu systemUbuntu
The Chkrootkit security scanner is a popular security tool that allows administrators to check the local system for evidence of a rootkit infection. It consists of a shell script that checks various security issues and system binaries for rootkit modification. You can use Chkrootkit in the command line or GUI. It is just like rkhunter which is another rootkit detection and removal tool.
Here at FixWebNode, we shall look into how to install Chkrootkit on Ubuntu 22.10 Kinetic Kudu.
Table of contents [Show] [Hide]
- 1 Steps to install Chkrootkit on Ubuntu 22.10 Kinetic Kudu
Steps to install Chkrootkit on Ubuntu 22.10 Kinetic Kudu
1. Perform System Update
To begin, update all packages in the system by running the below command:
$ sudo apt update
$ sudo apt upgrade
Also install a few important system packages with the below command:
$ sudo apt install wget apt-transport-https gnupg2 software-properties-common
2. Install Chkrootkit on the system
Now, you can install the latest version of Chkrootkit to your Ubuntu system, which is available by default on the system's base repository:
$ sudo apt install chkrootkit
3. Confirm Chkrootkit installation
You can run the below command to confirm Chkrootkit installation:
This will display the version installed.
How to launch Chkrootkit on Ubuntu ?
You can run the below command to use Chkrootkit on your system:
If your system is infected, you will see an output similar to below:
Checking `sshd'... not infected
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... INFECTED
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Alternatively, you can scan your server in quiet mode using the chkrootkit command with the -q option:
$ chkrootkit -q
To enable an automatic daily scan of your system first use:
$ sudo nano /etc/chkrootkit.conf
And change the line below:
Save and close the file, then exit the editor.
You can list out the options available with Chkrootkit with the following command:
$ chkrootkit -h
You can filter the output to find results with "INFECTED" status with grep command:
$ sudo chkrootkit | grep INFECTED
How to uninstall Chkrootkit from Ubuntu 22.10 Kinetic Kudu system ?
If you decided to completely remove the chkrootkit, execute the following command:
$ sudo apt purge --autoremove -y chkrootkit
[Need help in fixing Ubuntu Linux system issues ? We can help you. ]