You have installed chkrootkit and it's now running with daily cron, but unless you are logging in daily to check the logs, you won't know of any potential problems. Here's a simple way to have the daily report emailed to you with only postfix installed, using the sendmail command.
Edit /etc/chkrootkit.conf and add the following
REPORT_EMAIL="[email protected]"
Edit /etc/cron.daily/chkrootkit and towards the bottom of the file, replace $CHKROOTKIT $RUN_DAILY_OPTS with
$CHKROOTKIT > $LOG_DIR/chkrootkit.log #Run chkrootkit and save the logfile ( echo "Subject: [chkrootkit] $(hostname -f) - Daily report" #Create subject line using the hostname echo "To: $REPORT_EMAIL" #Insert To: delivery email address using the variable defined in chkrootkit.conf echo "" cat $LOG_DIR/chkrootkit.log #Concat the logfile to the output ) | /usr/sbin/sendmail $REPORT_EMAIL #Send out the email!
It is probably a good idea to rotate the logs, so head over to /etc/logrotate.d/chkroot (new file) and enter
/var/log/chkrootkit/*.log {
daily
rotate 15
dateext
delaycompress
missingok
notifempty
}
Now wait for your daily scheduled cron to run, or run /etc/cron.daily/chkrootkit as root to test it out.