Provided by: rkhunter_1.2.7-16_i386 bug


        rkhunter - run a system check for rootkits or other malware


       rkhunter [-c|--checkall] [--createlogfile] [--cronjob]
       [--disable-md5-check] [--nocolors] [--versioncheck]


       rkhunter  is  an  easy-to-use  tool which checks machines running UNIX,
       Linux, BSD and other clones, for the presence of rootkits and/or  other
       unwanted  tools.  rkhunter can be run as a cronjob, or from the command
       line when needed. A Bash Shell or Korn Shell is required. If available,
       Perl modules will be used to replace some default system commands.

       The following system areas may be checked:

       -MD5 hash comparisons

       -Default files commonly used by rootkits

       -Incorrect file placement (moved binaries)

       -Search for suspect strings in LKM and KLD modules

       -Hidden files

       -Optional scan within plaintext and binary files

       -Search for old versions of software packages


              Allow  SSH  ‘root‘  user,  while  checking the SSH configuration
              file.  This  is  a  usefull  option  when  you  use  public  key
              authentication instead of keyboard authentication.

              (or  -c).rkhunter  preforms a full check of the system, printing
              out the results of each test to stdout.

       --configfile <file>
              Use another configuration file, instead of the default one

              A plain text file summarizing rkhunter’s findings. Default  file
              is /var/log/rkhunter.log.

              Use  this  option  if  you  wish to run rkhunter from a cron-job
              rather than the commandline. Removes colored layout.

              Uses another directory for the databases (instead of the default

              Skip  checking  MD5 hashes. Used on systems with custom tools or
              binaries that would throw off this test.

       --help Show help / usage information

              Skip colorized output

              Skips some tests (less accurate)

              Hide all information which not interesting for cronjobs and non-
              interactive scans (like hiding header/footer)

              Changes the default root directory, for chroot environments.

              Changes the default directory for temporary storage

              Make rkhunter non-interactive

              Consults the rkhunter website to determine if a newer version is
              available for download. Uses wget. The  latest  version  can  be
              found at

       Multiple  parameters are allowed. Some parameters can be only used with
       others. When running Rootkit Hunter without any  parameters,  the  most
       recent help will be shown.


       Rootkit  Hunter  is  licensed  under  the  GPL and under development by
       Michael Boelen (and testers..)


       You may direct questions and comments to