[rkhunter]Please inspect this machine, because it may be infected.
[rkhunter] Warnings found for server. Please inspect this machine, because it may be infected.
1. Log into your Linux Server via SSH as root user
2. Check rkhunter logs using cat ot tail command
rkhunter logs on a Linux server is saved in /var/log directory. Use cat or tail command to view the rkhunter scan log.
Rkhunter scan log file location: /var/log/rkhunter.log
[00:00:55] System checks summary
[00:00:55] File properties checks…
[00:00:55] Files checked: 0
[00:00:55] Suspect files: 0
[00:00:55] Rootkit checks…
[00:00:55] Rootkits checked : 380
[00:00:55] Possible rootkits: 0
[00:00:55] Applications checks…
[00:00:55] Applications checked: 8
[00:00:55] Suspect applications: 2
[00:00:55] The system checks took: 49 seconds
On my server it shows “Possible rootkits: 0” so there are no rootkits on the server. I received the above email because there is two suspect applications on my server (Suspect applications: 2).
The rkhunter logs shows openssl and httpd application was out-of-date and that is the reason why I got rkhunter warning from the server. Updating the applications to latest version will fix the rkhunter warning.