Rootkit Hunter

Install

sudo pacman -S rkhunter

Configure

Configuration file located at /etc/rkhunter.conf. and check the validity of the file sudo rkhunter --config-check

Update the database

sudo rkhunter --propupd

Scan the system

sudo rkhunter --check

Whitelist

Edit /etc/rkhunter.conf

SCRIPTWHITELIST=/usr/bin/egrep
SCRIPTWHITELIST=/usr/bin/fgrep
SCRIPTWHITELIST=/usr/bin/ldd

Links

• https://wiki.archlinux.org/index.php/Rkhunter