rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.
Install RKHunter which is the Rootkit Detection tool
Install from EPEL
# yum – -enablerepo=epel -y install rkhunter
# nano /etc/sysconfig/rkhunter
Recipient address for report
MAILTO=root@localhost
If specified “yes”, scan more detaily
DIAG_SCAN=no
Update database
# rkhunter – -update
Update system file properties
# rkhunter – -propupd
Execute checking
–sk means sikpping to push Enter key.
If specified –rwo , display only warnings
If specified –rwo , display only warnings
# rkhunter – -check – -sk