This blog post is quite easy, it shows you how to install rkhunter on a linux machine and how to configure rkhunter to run periodically using a cron job.
RKhunter (rootkit hunter) is a program that takes a fingerprint of installed files and directories in your machine during install and compares the stored fingerprint against a fingerprint taken later on. It uses this fingerprint to determine if the files have changed, or if any files have been added or altered.
Install rkhunter on a linux machine
Login to your server (via SSH and su to root)
Go here and find the latest version.. Right now the latest version is 1.4.2
tar -xzvf rkhunter* cd rkhunter* ./installer.sh --install
Thats the section on how to install rkhunter done, next on to some things that will help you using rkhunter.
daily reports using a cronjob
setup RKHunter to e-mail you you daily scan reports.
Add The Following:
/usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "RKhunter Scan Details" email@example.com
Replace the e-mail above with your e-mail!! It is best to send the e-mail to an e-mail off-site so that if the box IS compromised the hacker can’t erase the scan report unless he hacks another server too.
chmod +x /etc/cron.daily/rkhunter.sh
next, update rkhunter so that all the components are the latest versions
Then you can run a scan against your system
rkhunter -c --sk --display-logfile
Once the scan completes you can go through the list produced and fix the various things!