{"id":16,"date":"2013-08-23T20:11:20","date_gmt":"2013-08-23T20:11:20","guid":{"rendered":"https:\/\/www.eqservers.com\/blog\/?p=16"},"modified":"2013-08-28T08:42:25","modified_gmt":"2013-08-28T08:42:25","slug":"check-dedicated-server-rootkits","status":"publish","type":"post","link":"https:\/\/www.eqservers.com\/blog\/check-dedicated-server-rootkits\/","title":{"rendered":"Check your Dedicated Server for Rootkits"},"content":{"rendered":"<p>More often than not, we have seen <a href=\"https:\/\/www.eqservers.com\" title=\"Buy Dedicated Servers\" target=\"_blank\">dedicated servers<\/a> being infected by trojans, malwares, viruses and rootkits which gives hackers the control of your servers. This can happen due to open ports, unpatched security holes, weak passwords etc.<\/p>\n<p><!--more--><\/p>\n<p>Security of your <a href=\"https:\/\/www.eqservers.com\" title=\"Buy Dedicated Servers\" target=\"_blank\">dedicated servers<\/a> is very important and we belive a lot in it.<\/p>\n<p>Let us look at how you can scan your <a href=\"https:\/\/www.eqservers.com\" title=\"Buy Dedicated Servers\" target=\"_blank\">dedicated servers<\/a> for such infections first. RootCheck is a server scanner which scans your server for any malicious codes, files or shells. It scans the complete server including the logs.<\/p>\n<p><strong>How to Install RootCheck through SSH<\/strong><\/p>\n<p>1) <strong>Download and Install <a rel=\"nofollow\" href=\"http:\/\/www.chiark.greenend.org.uk\/~sgtatham\/putty\/download.html\" title=\"Download PuTTY\" target=\"_blank\">PuTTY SSH Client<\/a><\/strong><\/p>\n<p>2) <strong>Login to your dedicated server and go to the root folder<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Putty-Login.png\" alt=\"Putty Login\" width=\"663\" height=\"418\" class=\"alignleft size-full wp-image-17\" srcset=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Putty-Login.png 663w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Putty-Login-300x189.png 300w\" sizes=\"auto, (max-width: 663px) 100vw, 663px\" \/><\/p>\n<p>3) <strong>Enter the below code in the root of your SSH to download RootCheck on the server<\/strong><\/p>\n<p><quote>wget http:\/\/www.ossec.net\/rootcheck\/files\/rootcheck-2.4.tar.gz<\/quote><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Install-Rootcheck.png\" alt=\"Install Rootcheck\" width=\"660\" height=\"202\" class=\"alignleft size-full wp-image-18\" srcset=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Install-Rootcheck.png 660w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Install-Rootcheck-300x91.png 300w\" sizes=\"auto, (max-width: 660px) 100vw, 660px\" \/><\/p>\n<p>4) <strong>Extract RootCheck<\/strong><\/p>\n<p><quote>tar -zxvf rootcheck-2.4.tar.gz<\/quote><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Extract-RootCheck.png\" alt=\"Extract RootCheck\" width=\"397\" height=\"23\" class=\"alignleft size-full wp-image-19\" srcset=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Extract-RootCheck.png 397w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Extract-RootCheck-300x17.png 300w\" sizes=\"auto, (max-width: 397px) 100vw, 397px\" \/><\/p>\n<p>5) <strong>Execute command for RootCheck Installation<\/strong><\/p>\n<p><quote>cd rootcheck-2.4<\/quote><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Install-Execute-Command-Rootcheck.png\" alt=\"Install Execute Command Rootcheck\" width=\"302\" height=\"38\" class=\"alignleft size-full wp-image-20\" srcset=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Install-Execute-Command-Rootcheck.png 302w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Install-Execute-Command-Rootcheck-300x37.png 300w\" sizes=\"auto, (max-width: 302px) 100vw, 302px\" \/><\/p>\n<p>6) <b>Compile RootCheck<\/b><\/p>\n<p>Run the below command to Compile RootCheck<\/p>\n<p><quote>make all<\/quote><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Compile-RootCheck.png\" alt=\"Compile RootCheck\" width=\"1006\" height=\"707\" class=\"alignleft size-full wp-image-21\" srcset=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Compile-RootCheck.png 1006w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Compile-RootCheck-300x210.png 300w\" sizes=\"auto, (max-width: 1006px) 100vw, 1006px\" \/><\/p>\n<p>7) <b>Run RootCheck<\/b><\/p>\n<p>Run the below command to start RootCheck<\/p>\n<p><quote>.\/ossec-rootcheck<\/quote><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Run-RootCheck.png\" alt=\"Run RootCheck\" width=\"672\" height=\"678\" class=\"alignleft size-full wp-image-22\" srcset=\"https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Run-RootCheck.png 672w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Run-RootCheck-150x150.png 150w, https:\/\/www.eqservers.com\/blog\/wp-content\/uploads\/Run-RootCheck-297x300.png 297w\" sizes=\"auto, (max-width: 672px) 100vw, 672px\" \/><\/p>\n<p>You will now see the results of RootCheck scan as shown above. Look for any issues and fix it.<\/p>\n<p>Until next time, keep yourself and your servers secured.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>More often than not, we have seen dedicated servers being infected by trojans, malwares, viruses and rootkits which gives hackers the control of your servers. This can happen due to open ports, unpatched security holes, weak passwords etc.<\/p>\n","protected":false},"author":1,"featured_media":34,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[15,4,3,6,5],"class_list":["post-16","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dedicated-server-tutorials","tag-dedicated-server-tutorials","tag-putty","tag-rootcheck","tag-server-tutorials","tag-ssh"],"_links":{"self":[{"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/posts\/16","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/comments?post=16"}],"version-history":[{"count":2,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/posts\/16\/revisions"}],"predecessor-version":[{"id":33,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/posts\/16\/revisions\/33"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/media\/34"}],"wp:attachment":[{"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/media?parent=16"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/categories?post=16"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.eqservers.com\/blog\/wp-json\/wp\/v2\/tags?post=16"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}