1. Download rkhunter from http://www.rootkit.nl/projects/rootkit_hunter.html using following commands.
cd /usr/local/src
wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz
2: Install rkhunter using following commands.
tar -xzvf rkhunter-1.4.2.tar.gz
cd rkhunter-1.4.2
./installer.sh --layout default --install
3: Update rkhunter using following commands.
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --propupd
4: Set up cron job & email alerts
Open /etc/cron.daily/rkhunter.sh using "vi" command
vi /etc/cron.daily/rkhunter.sh
Then add the following lines of code to the above file
===============================
#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run - $HOSTNAME' name@domain.com
===============================
Note: replace name@domain.com with your email address.
Run following command to set correct permission to above script
chmod 755 /etc/cron.daily/rkhunter.sh
5: Manual scanning can be done using following command
rkhunter --check
Result of above scan be checked from the log file: /var/log/rkhunter.log