Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
– MD5 hash compare
– Look for default files used by rootkits
– Wrong file permissions for binaries
– Look for suspected strings in LKM and KLD modules
– Look for hidden files
– Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for everyone to use.
* No, not really 99.9%.. It’s just another security layer

Installing:

Get the latest version from http://sourceforge.net/projects/rkhunter/ I download latest tarball into /tmp folder . Now we should unpack it

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh --layout default --install

Now lets run rkhunter updater

# rkhunter --update
# rkhunter --propupd


After all we are able to scan entire linux for rootkits

# rkhunter --check