Chkrootkit is a free and open source antivirus application for Linux,BSD and Solaris. Using chkrootkit, you can scan your system binaries for rootkit modification. It checks for lastlog deletions, wtmp deletions, wtmpx deletions, signs of LKM trojans, strings replacement and utmp deletions.
How to Install Chkrootkit on Ubuntu
To install Chkrootkit on your system run below command.
sudo apt install chkrootkit -y
After the successful installation of Chkrootkit, run below command to start it. Chkrootkit must run as root
sudo chkrootkit
To check all the files under specified directory, run the following command:
sudo chkrootkit -r /opt
For the complete help and command details run below command.
chkrootkit -h
You can also build manually like below
wget ftp://ftp.chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz
tar -xvf chkrootkit.tar.gz
cd chkrootkit
./configure
make
sudo make install
sudo chkrootkit
