For a while now I have wanted to post this. I am running this on my PC at home because I don’t feel like doing it manually every day/week/month, etc., and also because I don’t use it that often, but I still want to make sure the basic checks are done.

I am doing this in Linux Mint 13.

RKHUNTER

RKHunter is a great utility to detect rootkits. 

sudo apt-get install rkhunter

Create this bash script in your home directory or wherever else you may want to:

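#!/bin/sh

# Update rkhunter's data files and keep the output for the report
varrkhunterupdate=$(rkhunter --update)

# Run the checks without waiting for a keypress (--sk) and report warnings only (--rwo)
varrkhuntercheck=$(rkhunter -c --sk --rwo)

# Mail both outputs; replace the upper-case placeholders and the SMTP server with your own values
sendemail -f FROM_ADDRESS -t TO_ADDRESS -u "rkhunter reports" -m "RKHUNTER\n$varrkhunterupdate\nRKHUNTER CHECK\n$varrkhuntercheck" -s smtp.server.com:port -xu SMTP_USERNAME -xp YOURPASSWORD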

Save this file as filename.sh (replace filename with a file name of your choosing).

Make the above file executable:

chmod +x /location/of/my/file

Run ls -l /location/of/my/file to make sure it is executable.

sudo crontab -e

This will open root's crontab. Add a line like this at the end of the file. It will scan daily at 10am for rootkits.

0 10 * * * /location/of/my/file.sh

CLAMAV

Do the same as above for ClamAV.

You can install ClamAV (and rkhunter) from the Software Manager application in Ubuntu.

You can place the ClamAV checks in the same .sh script or a new one; it doesn’t matter. Remember to make the .sh file executable and to add a cron job.
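The ClamAV script described above, written out as an added example (it is not the author's own script). The scan directory, the --run switch, the file name clamav.sh and the upper-case mail placeholders are assumptions; the status word in the subject line comes from clamscan's exit code, so an infected result is visible without opening the mail.

```sh
#!/bin/sh
# Added example, not from the original post: ClamAV counterpart of the rkhunter script.
# This file holds the SMTP password, so keep it owned by root and unreadable by others.

SCAN_DIR="${SCAN_DIR:-/home}"   # assumption: directory to scan

# clamscan exit codes: 0 = no virus found, 1 = virus(es) found, 2 = error
clam_status() {
    case "$1" in
        0) echo "CLEAN" ;;
        1) echo "INFECTED" ;;
        *) echo "SCAN ERROR" ;;
    esac
}

# Print a report; its first line is the status word from clam_status.
clam_report() {
    # freshclam can fail (for example when the freshclam daemon is already running);
    # note the failure and scan with the signatures already on disk.
    update_out=$(freshclam 2>&1) ||
        update_out=$(printf '%s\n%s' "$update_out" "(freshclam failed, using existing signatures)")
    # -r: recurse into subdirectories, -i: list infected files only.
    # "|| scan_rc=$?" keeps the exit code instead of discarding it.
    scan_rc=0
    scan_out=$(clamscan -r -i "$1" 2>&1) || scan_rc=$?
    printf '%s\nCLAMAV UPDATE\n%s\nCLAMAV SCAN\n%s\n' \
        "$(clam_status "$scan_rc")" "$update_out" "$scan_out"
}

main() {
    report=$(clam_report "$SCAN_DIR")
    status=$(printf '%s\n' "$report" | head -n 1)
    # Placeholders (FROM_ADDRESS, TO_ADDRESS, SMTP_USERNAME, YOURPASSWORD, server) are yours to fill in.
    sendemail -f FROM_ADDRESS -t TO_ADDRESS -u "clamav reports: $status" \
        -m "$report" -s smtp.server.com:port -xu SMTP_USERNAME -xp YOURPASSWORD
}

# Scan and mail only when called with --run, e.g. from cron:
# 30 10 * * * /location/of/my/clamav.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```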

You can do the same with updates as well. Just Google for something like “automate ubuntu updates”.
