[rkhunter] Warnings found for server. Please inspect this machine, because it may be infected.

You received the above email because rkhunter (rootkit hunter) software is installed on your server and it detected some issues on the server. RKHunter is a widely used scanner on linux servers for detecting rootkits on the server. Rootkit is a malicious program that helps the hacker to gain access to server and it is very difficult to detect it. Log into your Linux Server via SSH as root and check the rkhunter logs.

rkhunter logs on a Linux server is saved in /var/log directory. Use cat or tail command to view the rkhunter scan log.

Rkhunter scan log location : /var/log/rkhunter.log
 

 

On my server it shows “Possible rootkits: 0” so there are no rootkits on the server. I received the above email because there is two suspect applications on my server (Suspect applications: 2). The rkhunter logs shows openssl and httpd application was out-of-date and that is the reason why I got rkhunter warning from the server. Updating the applications to latest version will fix the rkhunter warning.