chkrootkit and logcheck
chkrootkit and logcheck mail notification
#apt-get install cron
#crontab /etc/crontab
#apt-get install chkrootkit
write a script 'chkrootkit' and save in /
#/bin/bash
cd /usr/sbin/ && ./chkrootkit 2>&1 | mail -s "chkrootkit output" yourname@xyz.com
#chmod 777 / chkrootkit
#apt-get install logcheck
we edit the /etc/logcheck/logcheck.conf
INTRO=1
REPORTLEVEL="server"
SENDMAILTO="yourname@xyz.com"
FQDN=1
RULEDIR="/etc/logcheck"
then we write a script 'logcheck' and save in /
#/bin/bash
su -s /bin/bash -c "/usr/sbin/logcheck" logcheck
#chmod 777 /logcheck
we add the chkrootkit and logcheck script in the /var/spool/cron/crontabs/root
46 12 * * * /./chkrootkitdone :)
46 12 * * * /./logcheck
No comments:
Post a Comment