Check your Dedicated Server for Rootkits

• Admin
• Dedicated Server Tutorials
• 23/08/2013

More often than not, we have seen dedicated servers being infected by trojans, malwares, viruses and rootkits which gives hackers the control of your servers. This can happen due to open ports, unpatched security holes, weak passwords etc.

Security of your dedicated servers is very important and we belive a lot in it.

Let us look at how you can scan your dedicated servers for such infections first. RootCheck is a server scanner which scans your server for any malicious codes, files or shells. It scans the complete server including the logs.

How to Install RootCheck through SSH

1) Download and Install PuTTY SSH Client

2) Login to your dedicated server and go to the root folder

3) Enter the below code in the root of your SSH to download RootCheck on the server

wget http://www.ossec.net/rootcheck/files/rootcheck-2.4.tar.gz

4) Extract RootCheck

tar -zxvf rootcheck-2.4.tar.gz

5) Execute command for RootCheck Installation

cd rootcheck-2.4

6) Compile RootCheck

Run the below command to Compile RootCheck

make all

7) Run RootCheck

Run the below command to start RootCheck

./ossec-rootcheck

You will now see the results of RootCheck scan as shown above. Look for any issues and fix it.

Until next time, keep yourself and your servers secured.