How to install Chkrootkit on Ubuntu Linux?


Chkrootkit (or check rootkit) is a free and open-source tool lightweight antivirus program that is used especially to detect and remove rootkits from a Linux system.

You can use chkrootkit in the command line or GUI. It is similar to rkhunter which is another rootkit detection and removal tool.

In this article, I will discuss how to install Chkrootkit on Ubuntu Linux.

Features of Chkrootkit

The key features of Chkrootkit are –

  • Free and opensource
  • Available for different Linux distributions
  • Easy to use and fast
  • Lightweight and portable
  • You can burn it to USB or CD
  • It can detect almost all rootkits
  • Efficiently detects altered wtmp and lastlog files to alert administrators about intrusions

How to install chkrootkit on Ubuntu

The chkrootkit tool is available in the default Ubuntu repository so you can install it directly by using the apt command in your terminal.

But before you install a package on your system make sure the apt package repository is updated –

sudo apt update

Next use the following command to install chkrootkit on your system –

sudo apt install chkrootkit

Press y and then enter if it asks for your confirmation.

You can verify the installation by using –

chkrootkit -V

This will display the currently installed version of chkrootkit on your system –

ckhrootkit version

Using chkrootkit on Ubuntu

Once the chkrootkit installation is completed you can start using it for scanning a system for rootkits.

Use the following command to scan a system for rootkits –

sudo chkrootkit

chkrootkit

Scan a specific directory by using –

sudo chkrootkit -r /etc

Use the following command to display only infected output messages –

sudo chkrootkit -q

To display the options that can be used with chkrootkit command use –

chkrootkit -h

Enabling daily system check 

To enable an automatic daily scan of your system first use –

sudo nano /etc/chkrootkit.conf

And set –

RUN_DAILY="true"

Press Ctrl+s to save and Ctrl+x to exit from the text editor.

To know more about chkrootkit you can visit its official website.

How to remove Chkrootkit from Ubuntu

For any reasons, if you want to remove chkrootkit from your system then use –

sudo apt remove chkrootkit -y

Remove any unused dependencies that are left in your system by using –

sudo apt autoremove

Conclusion

I hope you have successfully set up chkrootkit tool on your Ubuntu system. Now if you have a query or feedback then write us in the comments below.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.