2

There are some rootkitscanners for linux, for example:

But How would I get notified on a desktop?

Is it possible to get an alert, if the scanner found something?

rubo77
  • 32,486

2 Answers2

1

You can use the script here to get notified by a zenity Notification on your desktop

see: Run rkhunter regularly on a desktop system

Community
  • 1
rubo77
  • 32,486
0

After installing chkrootkit it adds a crontab within /etc/cron.daily/chkrootkit script "I'm using debian wheezy"

each chkrootkit daily execution logs inside a $LOG_DIR/log.today, you can then create a daemon that tracks changes within the log file and send you email or run something to alert you.

blade19899
  • 26,704
Abderrazak BOUADMA
  • 101
  • 2
  • Ok, so How would you create such an alert on the screen? Ubuntu desktop usually doesn't send emails – rubo77 Oct 08 '14 at 08:29
  • sudo apt-get install notify-osd then notify-send "Hello there !" – Abderrazak BOUADMA Oct 08 '14 at 08:42
  • cat $LOG_DIR/log.today | grep "not infected" if response is something else then you've to worry a little bit – Abderrazak BOUADMA Oct 08 '14 at 11:40
  • I guess, I have to enable check daily in /etc/chkrootkit.conf and then add your suggestion somewhere. Where? – rubo77 Oct 08 '14 at 12:11
  • add a crontab at /etc/cron.daily/alert-chkrootkit within you can put the tiny grep code. – Abderrazak BOUADMA Oct 08 '14 at 12:37
  • If you want to provide a thorough answer, you should edit your answer and add a description how you add this. Askubuntu is a site for desktop-users that normally are not so firm on the console some don't even know how to open a console – rubo77 Oct 08 '14 at 15:34
  • So I want to put this command somewhere: sudo rkhunter --checkall --report-warnings-only | while read OUTPUT; do notify-send "$OUTPUT"; done But where? – rubo77 Oct 13 '14 at 23:42