How to add rkhunter to a cronjob
we know that automation and email notification make an administrator’s life a lot easier, so now we can add rkhunter to a cronjob.
This is straight from the rkhunter website: You need to create a short shell script as follows:
#!/bin/sh
( /usr/bin/rkhunter –versioncheck
/usr/bin/rkhunter –update
/usr/bin/rkhunter –cronjob –report-warnings-only
) | /usr/bin/mail -s “rkhunter output” admin@yourdomain.com
Save the file and call it something like ‘rkhunterscript’. Make the file executable:
and place it in your local bin folder or in a public bin folder. Now set a root cronjob as follows:
cronjob looks like this:
10 3 * * * /home/demo/bin/rkhunterscript
This will run the script at 3.10am each day
Scanning for rootkits with rkhunter
The first thing we want to do after installation is to update the signatures and files rkhunter uses to detect anomalies:
sudo /usr/local/bin/rkhunter –update
Interactive mode
sudo /usr/local/bin/rkhunter -c
That command starts rkhunter in an interactive mode.
When it gets to the end of a particular scan, you need to press ‘enter’ to continue.
If you want to skip the interactive prompts, add the -sk option at the end:
sudo /usr/local/bin/rkhunter -c -sk
How to fix wget for Fantastico install
If it is wget-1.10.2-3.3.fc5 or wget-1.10.2-8.fc6.1. This version does not honor the “-P” switch.
-P prefix
–directory-prefix=prefix
Set directory prefix to prefix. The directory prefix is the directory where all other files and subdirectories will be saved to, i.e. the top of the retrieval tree. The default is . (the current directory).
Update to the latest versino or An alternate version that we know works is wget-1.10.2-3.2.1
rpm -qa wget ;
wget ftp://ftp.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core/5/
i386/os/Fedora/RPMS/wget-1.10.2-3.2.1.i386.rpm
chattr -ia /usr/bin/wget
rpm -e wget ;
rpm -ivh –force wget-1.10.2-3.2.1.i386.rpm ;
rpm -qa wget ;
You will also want to put wget on /etc/yum.conf’s “exclude=” line (near the start of the file) so the OS doesn’t automatically reinstall the buggy version.
Reference - http://www.netenberg.com/
How to create Custom Name Servers for your domain.
1. Ensure that your domain registrar allows you to create custom nameservers with your domain name.
2. Choose the prefix you wish to use with your domain, e.g. ns1.yourdomain.com ns2.yourdomain.com
3. Set them up using the two IP addresses that you have for DNS at the registrar domain manager. You will need to contact you provider to obtain these IP addreses.
4. Ask your data centre to enter a reverse DNS pointer for your nameservers.
5 .Now–> WHM–>>Server Setup >> Enter ns1.yourdomain.com in the Primary Nameserver field. Hit ‘Assign IP Address’, then hit ‘Add an A Entry for this nameserver’.
6. Repeat this process for Secondary.
HOW TO Install Fantastico
SSH to your server(s) and enter following commands
cd /usr/local/cpanel/whostmgr/docroot/cgi
wget -N http://files.betaservant.com/files/free/fantastico_whm_admin.tgz
tar -xzpf fantastico_whm_admin.tgz
rm -rf fantastico_whm_admin.tgz
Go to WHM, login as root and click on Tweak Settings, then you should ensure that both the Ioncube loader is selected for the backend copy of PHP. Save changes.
WHM -> Add-Ons (Plugins on v11.x or higher) -> Fantastico De Luxe WHM Admin
Upon loading, Fantastico De Luxe WHM Admin will auto-update your existing installation (if existing). All admin files (masterfiles, tarballs, settings etc) will be moved to or created at /var/netenberg.
If your users don’t see a Fantastico link in their CPanel: Go to WHM and edit the “default” Features List. Activate Fantastico.
Reference : http://www.netenberg.com/
