Lars Sommer, lasg@lasg.dk, 2007-10-18
DISCLAIMER: This is a personal note made for personal usage. It might not be easy usable nor explaining.
Install these ports: security/chkrootkit security/rkhunter rkhunter install options: make options: WITH_LSOF=true WITH_NMAP=true --- chkrootkit usage: Run sometimes with: sudo chkrootkit -q Or add to /etc/crontab like weekly: 10 10 * * 2 root /usr/local/sbin/chkrootkit -q > /var/log/chkrootkit.log --- rkhunter usage: You should keep your rkhunter database up-to-date. This can be done automatically by putting this line to /etc/periodic.conf: daily_rkhunter_update_enable="YES" Also, you can run rkhunter as a part of the daily security check by putting this line to /etc/periodic.conf: daily_rkhunter_check_enable="YES" Add this "--quiet --createlogfile --no-verbose-logging" to: /usr/local/etc/periodic/security/415.rkhunter so relevant log is done
