This blog post is quite easy, it shows you how to install rkhunter on a linux machine and how to configure rkhunter to run periodically using a cron job.
RKhunter (rootkit hunter) is a program that takes a fingerprint of installed files and directories in your machine during install and compares the stored fingerprint against a fingerprint taken later on. It uses this fingerprint to determine if the files have changed, or if any files have been added or altered.
Login to your server (via SSH and su to root)
Go here and find the latest version.. Right now the latest version is 1.4.2
tar -xzvf rkhunter* cd rkhunter* ./installer.sh --install
Thats the section on how to install rkhunter done, next on to some things that will help you using rkhunter.
setup RKHunter to e-mail you you daily scan reports.
Add The Following:
/usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "RKhunter Scan Details" email@example.com
Replace the e-mail above with your e-mail!! It is best to send the e-mail to an e-mail off-site so that if the box IS compromised the hacker can’t erase the scan report unless he hacks another server too.
chmod +x /etc/cron.daily/rkhunter.sh
next, update rkhunter so that all the components are the latest versions
Then you can run a scan against your system
rkhunter -c --sk --display-logfile
Once the scan completes you can go through the list produced and fix the various things!