Use this guide to install and schedule regular rootkit checks on your Linux server.
Step 1: Install chkrootkit
Login to your server via SSH and run:
yum install chkrootkit -y
Step 2: Create Monthly Cron Script
Create a new monthly cron job file:
nano /etc/cron.monthly/chkrootkit.sh
Paste the following contents:
#!/bin/bash
(cd /usr/lib/chkrootkit-0.49/; ./chkrootkit 2>&1 -q | mail -s "chkrootkit (Corp)" name@yourdomain.com)
Replace
name@yourdomain.comwith your actual email address to receive alerts.
Step 3: Make the Script Executable
Save and exit the editor (CTRL+X, press Y, then Enter), then run:
chmod +x /etc/cron.monthly/chkrootkit.sh
Notes
- The default installation path (
/usr/lib/chkrootkit-0.49/) may vary. To confirm the path, run:rpm -ql chkrootkitand adjust the script accordingly if needed (e.g., use/usr/lib/chkrootkit/). - Ensure the server has
mailxor similar installed to send emails:yum install mailx -y
Let me know if you want a version for Debian/Ubuntu or a daily cron job instead.