WebHostGear.com - the hosting resource for professionalshosting tutorials hosting howto webhost guide server managementMarch 18, 2010
server management, apache tutorials, hosting tutorials, cpanel, server security
Home | Search | Contact Us | Site Map

Advanced Search

Categories:
Hosting BlogBlog
ArticlesArticles
Hosting TutorialsHosting Tutorials
InterviewsInterviews
ReviewsReviews
Web Host NewsWeb Hosting News
cPanel HostingcPanel Hosting
Reseller HostingReseller Hosting
PHP HostingPHP Hosting
VPS HostingVPS Hosting
Windows HostingWindows Hosting
Shared HostingShared Hosting
Multiple Domain HostingMutiple Domain Hosting


Site Related:
Submit hosting articleSubmit Article
AdvertiseAdvertise
About UsAbout Us
WebhostGear PartnersPartners
SyndicateRSS Syndicate
Write for usWrite for us
Recommend UsRecommend Us
DisclaimerDisclaimer
Contact UsContact Us

Free Newsletter:

Subscribe to our free newsletter and receive, tutorials, reviews and more all related to the hosting industry.
E-mail Address:

First Name:



Home / Hosting Tutorials / Server Security / Root Check

Root Check



Printer Friendly Printer Friendly Send to a friend Send to a friend
By : ramprage Rating : Average Rating : 7.33 From 12 Voter(s)


RootCheck scans the system looking for possible  trojans ,scans the ports for malicious activity ,and checks for rootkits,and also the logs,permissions and more.

Installation Instructions
Login to your server and su to root.

wget http://www.ossec.net/rootcheck/files/rootcheck-0.4.tar.gz

tar -xvzf rootcheck-0.4.tar.gz
cd rootcheck-0.4
./install

This will take you to an interactive installtion. Make sure you have CPAN on your box because rootcheck requires the Perl Modules IO::Interface.

If the installtion is finished you will get this message

Compilation sucessfull. Ready to go.
 
---------------------------------------------------------
 That's it! If everything went ok, you should be ready
 to run RootCheck. If you any doubts about installation,
 please refer to INSTALL file.
 You can also find additional information at :  
 http://www.ossec.net/rootcheck/ 
 Improves, patches, comments are very welcome.
---------------------------------------------------------


Article provided by WebHostGear.com

Scanning the System
Now you are ready to run rootcheck.

There are quite a few options butthe simplest one is

./rootcheck.pl

If the installation was perfect you would get a progress screen of the scan after which the results wiill be writen into results.txt the result is quite explanatory and gives details of all suspected files.

There is also an example file that explains the different options for root check
More Information about rootcheck is available at  http://www.ossec.net/

Submitted by: Dinesh

New! - Need server help? Hire an Expert

Get professional help with your configuration, script installation or server issue.
Learn how we can help you with any server problem and make your server run like new. Professional staff will contact you, after submitting a quote request, by phone or email.

Rate this Article :

1
2
3
4
5
6
7
8
9
10
Poor Excellent

Related Articles


Guide to Chkrootkit - checking for intruders
Detect and Clean a hacked server T0rnkit Tutorial
Rkhunter Installation


Discuss this article with others in our new hosting forums

Comments / Feedback

domper
Can I install rootcheck if I have directadmin as web control panel on my server?.
WHG - Steve
Yes, the type of control panel shouldn't matter.
vijay kumar
very nice tutorial thanks i tried and found it very useful
ParisDNS
Got error when rnning ./rootcheck.pl :

Can't locate IO/Interface.pm in @INC (@INC contains: /usr/lib/perl5/5.8.6/i686-linux /usr/lib/perl5/5.8.6 /usr/lib/perl5/site_perl/5.8.6/i686-linux /usr/lib/perl5/site_perl/5.8.6 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl .) at mods/checkif.pm line 22.
BEGIN failed--compilation aborted at mods/checkif.pm line 22.
Compilation failed in require at ./rootcheck.pl line 60.
Hesham
The provided URL is not working!
sinangunay
Because new version is avaliable, and changed the usage of script.
please try, http://ossec.underlinux.com.br/rootcheck/
codeunix
the new url link is:
wget http://www.ossec.net/rootcheck/files/rootcheck-0.7.tar.gz
cyberspace
ParisDNS, you need to install the perl module called IO::Interface
Brendan RTG
root@jade [/downloads]# tar -xvzf rootcheck-0.4.tar.gz

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error exit delayed from previous errors
root@jade [/downloads]#
Rudi
Does anyone run the check via cron? And if so, how often?

 Add Comment
Name
Email
Image Code
Refresh Image
Comments / Feedback



Our site offers free hosting tutorials, cpanel tutorial, web hosting news, shell commands, running a web hosting business, dedicated guides, linux tutorial, apache install, home web server, web server guide, ssh commands, dedicated servers, DNS nameservers, chkrootkit, apf firewall, exim configuration, server compromised, cron backup solution, ftp backup script

Server Tutorials


WebHostGear Reviewed by Ping Zine - Click here

Links:
Lunarpages Coupon


Copyright � 2003-2009 WebHostGear.com