RKHunter

I’ve been fairly pleased with rootkit hunter.???? It’s trivial to set up, self-updating, and easy to use.

Fairly often in my career, I’ve started a job as an additional sysadmin, or worse yet, a replacement sysadmin. I rarely have the luxury of setting up a system or a network from scratch. It’s always difficult to determine the security level of a given system, and I rarely [never] have been able to treat production systems as “untrusted” and take them down long enough to do a full audit.

Granted, you should always treat the output from an ‘all in one’ tool like rkhunter with a grain of salt, but it does act well as an additional tool to use when you need it.