RKH (RootKit Hunter) adalah perangkat free open source, powerful, mudah digunakan dan terkenal untuk memindai backdoors, rootkit dan eksploitasi lokal pada sistem yang kompatibel dengan POSIX seperti Linux. Seperti namanya, rkhunter adalah pemburu rootkit, pemantauan keamanan dan alat analisis yang benar-benar memeriksa sistem untuk mendeteksi lubang keamanan yang tersembunyi.

berikut instalasi rkhunter via Linux Slackware :

[email protected]:~# slpkg -s sbo rkhunter
Reading package lists... Done
Resolving dependencies... Done

The following packages will be automatically installed or upgraded 
with new version:

+==============================================================================
| Package                 New version        Arch    Build  Repos          Size
+==============================================================================
Installing:
  rkhunter                1.4.6              x86_64         SBo

Installing summary
===============================================================================
Total 1 package.
1 package will be installed, 0 already installed and 0 package
will be upgraded.

Would you like to continue [y/N]? y

[1/1][ Download ] --> rkhunter.tar.gz

URL transformed to HTTPS due to an HSTS policy
--2018-08-17 07:11:43--  https://slackbuilds.org/slackbuilds/14.2/system/rkhunter.tar.gz
Resolving slackbuilds.org... 208.94.237.149
Connecting to slackbuilds.org|208.94.237.149|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1996 (1.9K) [application/x-gzip]
Saving to: '/tmp/slpkg/build/rkhunter.tar.gz'

rkhunter.tar.gz     100%[===================>]   1.95K  --.-KB/s    in 0s      

2018-08-17 07:11:44 (24.4 MB/s) - '/tmp/slpkg/build/rkhunter.tar.gz' saved [1996/1996]


[1/1][ Download ] --> rkhunter-1.4.6.tar.gz

--2018-08-17 07:11:44--  https://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.6/rkhunter-1.4.6.tar.gz
Resolving downloads.sourceforge.net... 216.105.38.13
Connecting to downloads.sourceforge.net|216.105.38.13|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.6/rkhunter-1.4.6.tar.gz [following]
--2018-08-17 07:11:45--  https://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.6/rkhunter-1.4.6.tar.gz
Resolving nchc.dl.sourceforge.net... 211.79.60.17, 2001:e10:ffff:1f02::17
Connecting to nchc.dl.sourceforge.net|211.79.60.17|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 302137 (295K) [application/x-gzip]
Saving to: '/tmp/slpkg/build/_SOURCES/rkhunter-1.4.6.tar.gz'

rkhunter-1.4.6.tar. 100%[===================>] 295.06K   391KB/s    in 0.8s    

2018-08-17 07:11:47 (391 KB/s) - '/tmp/slpkg/build/_SOURCES/rkhunter-1.4.6.tar.gz' saved [302137/302137]

[ Installing ] --> rkhunter-1.4.6

+==============================================================================
| Installing new package /tmp/rkhunter-1.4.6-x86_64-1_SBo.tgz
+==============================================================================

Verifying package rkhunter-1.4.6-x86_64-1_SBo.tgz.
Installing package rkhunter-1.4.6-x86_64-1_SBo.tgz:
PACKAGE DESCRIPTION:
# rkhunter (security monitoring and analyzing tool)
#
# RKHunter is a scanning tool that scans for rootkits, backdoors, and
# local exploits by running tests like:
#
# MD5 hash comparison, known rootkit files, incorrect permissions on
# binaries, suspect strings in LKM and LKD modules, and hidden files
#
# Rootkit Hunter is released as a GPL licensed project and is free for
# everyone to use.
#
Executing install script for rkhunter-1.4.6-x86_64-1_SBo.tgz.
Package rkhunter-1.4.6-x86_64-1_SBo.tgz installed.


Completed!

+==============================================================================
| Total 1 package installed and 0 package upgraded
+==============================================================================
| Package rkhunter-1.4.6 installed successfully
+==============================================================================

Cara menggunakannya :

# rkhunter -c
[ Rootkit Hunter version 1.4.6 ]

Checking system commands...

  Performing 'strings' command checks
    Checking 'strings' command                               [ OK ]

  Performing 'shared libraries' checks
    Checking for preloading variables                        [ None found ]
    Checking for preloaded libraries                         [ None found ]
    Checking LD_LIBRARY_PATH variable                        [ Not found ]

/bin/test                                                [ OK ]
    /bin/touch                                               [ OK ]
    /bin/tr                                                  [ OK ]
    /bin/uname                                               [ OK ]
    /bin/uniq                                                [ OK ]
    /bin/users                                               [ OK ]
    /bin/wc                                                  [ OK ]
    /bin/which                                               [ OK ]
    /bin/who                                                 [ OK ]
    /bin/whoami                                              [ OK ]
    /bin/numfmt                                              [ OK ]
    /bin/gawk-4.1.3                                          [ OK ]
    /bin/tcsh                                                [ OK ]
    /etc/rkhunter.conf                                       [ OK ]
Checking for rootkits...

  Performing check of known rootkit files and directories
    55808 Trojan - Variant A                                 [ Not found ]
    ADM Worm                                                 [ Not found ]
    AjaKit Rootkit                                           [ Not found ]
    Adore Rootkit                                            [ Not found ]
    aPa Kit                                                  [ Not found ]
    Apache Worm                                              [ Not found ]
    Ambient (ark) Rootkit                                    [ Not found ]