To install RKhunter on RHEL/Centos follow the below steps.
Step 1. Download RKhunter
First of all download latest version of RKhunter by visiting http://www.rootkit.nl/projects/rootkit_hunter.html url as below.

#cd /usr/local/src
#wget http://ncu.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz

Step. 2 Start installation process
Once you have downloaded latest version, perform the following command through root user to start installation process.

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh –layout default –install

Step 3. Update database
After complete the installation process update the database by performing following command.

# /usr/local/bin/rkhunter –update
# /usr/local/bin/rkhunter –propupd

Step 4. Seclude Cronjob.
Open the following file with your favorite linux editor

# vi /etc/cron.daily/rkhunter.sh

Append the following lines and replace the mail address with your actual mail address.

/usr/local/bin/rkhunter –versioncheck
/usr/local/bin/rkhunter –update
/usr/local/bin/rkhunter –cronjob –report-warnings-only
) | /bin/mail -s ‘rkhunter Daily Run (PutYourServerNameHere)’ user@domain.com

5. Manual Scan
You can start a manual scan by performing the following command:

#/usr/local/bin/rkhunter -c

To scan the entire file system

#rkhunter –check

If you want to “auto skip” interactive mode, append the -sk option at the end of command:

/usr/local/bin/rkhunter -c -sk

That’s it.


