Wednesday, January 03, 2007

chkrootkit and logcheck

chkrootkit and logcheck mail notification

# Install cron so the checks can be scheduled.
#apt-get install cron
# NOTE(review): "crontab FILE" replaces the invoking user's crontab with FILE,
# and /etc/crontab uses the system format with an extra user column - confirm
# this step is wanted before running it on a host that already has a root crontab.
#crontab /etc/crontab
#apt-get install chkrootkit

Write a script named 'chkrootkit' and save it in / (as /chkrootkit):

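#!/bin/bash
# Run chkrootkit from its install directory and mail the combined
# stdout/stderr to the administrator. Without the "!" the first line is a
# plain comment and the interpreter is whatever the caller happens to use.
# chkrootkit's checks are heuristic: treat a reported hit as a reason to
# investigate, not as proof of compromise.
cd /usr/sbin/ && ./chkrootkit 2>&1 | mail -s "chkrootkit output" yourname@xyz.com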

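# Root's cron runs /chkrootkit, so it must be writable by root only: mode 777
# would let any local user edit it and have their commands run as root.
# Keep the path as one word - "chmod <mode> / chkrootkit" (with a space)
# changes the mode of the root directory itself.
#chmod 700 /chkrootkit
#apt-get install logcheck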

Next, edit /etc/logcheck/logcheck.conf and set:
# Prepend an introduction to each report mail (1 = on).
INTRO=1
# Filtering level; logcheck accepts "workstation", "server" or "paranoid".
REPORTLEVEL="server"
# Address that receives the reports.
SENDMAILTO="yourname@xyz.com"
# Use the host's fully qualified domain name in the mail subject (1 = on).
FQDN=1
# Base directory holding the rule files.
RULEDIR="/etc/logcheck"

Then write a script named 'logcheck' and save it in / (as /logcheck):
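#!/bin/bash
# Run logcheck as the unprivileged "logcheck" account instead of as root.
# -s names the shell su should use (presumably because that account has no
# login shell - confirm on the target system).
su -s /bin/bash -c "/usr/sbin/logcheck" logcheck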


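# Root's cron runs /logcheck, so it must be writable by root only: mode 777
# would let any local user edit it and have their commands run as root.
#chmod 700 /logcheck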
Add the chkrootkit and logcheck scripts to root's crontab, /var/spool/cron/crontabs/root (edit it with `crontab -e` as root rather than changing the spool file by hand):
# m  h  dom mon dow  command   (both jobs run every day at 12:46)
46 12 * * * /chkrootkit
46 12 * * * /logcheck

done :)
