
rkhunter…uh, I just want to know if I have a rootkit

Friday, December 4th, 2009

Think rkhunter produces too much output, including false positives on the binaries? If so, this script should help.

(For the binaries, it's good to at least check the MD5 sums with something like AIDE.)

#!/bin/bash
# Condense /var/log/rkhunter.log into a short report holding only the summary counters.
LOG=/var/log/rkhunter.log
OUT=/home/user/rootkith.log

echo "System checks summary" >"$OUT"
echo "=====================" >>"$OUT"
echo "File properties checks..." >>"$OUT"
grep 'Files checked' "$LOG" >>"$OUT"
grep 'Suspect files' "$LOG" >>"$OUT"
echo "Rootkit checks..." >>"$OUT"
grep 'Rootkits checked' "$LOG" >>"$OUT"
grep 'Possible rootkits' "$LOG" >>"$OUT"
echo "Applications checks..." >>"$OUT"
# rkhunter also writes an "Info: ... Applications checked" line; keep only the summary line.
grep 'Applications checked' "$LOG" | grep -v Info >>"$OUT"
grep 'Suspect applications' "$LOG" >>"$OUT"

Then you set up a cron job to cat rootkith.log and mail you its output daily.
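The same summary, as an added example that is not part of the original post, reworked so a cron job can mail the report only when one of the "Suspect"/"Possible" counters is non-zero. The log excerpt is constructed to resemble rkhunter's summary section, and the function names (rkh_count, rkh_summary, rkh_has_findings) are this example's own.

```shell
#!/bin/bash
# Constructed sample of the summary block rkhunter appends to its log;
# on a real host read /var/log/rkhunter.log instead.
SAMPLE_LOG="$(mktemp)"
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat >"$SAMPLE_LOG" <<'EOF'
[12:00:01] Info: Starting test name 'apps'
[12:00:02] Info: Applications checked: 5 (in test 'apps')
[12:00:05] System checks summary
[12:00:05] =====================
[12:00:05] File properties checks...
[12:00:05]     Files checked: 132
[12:00:05]     Suspect files: 0
[12:00:05] Rootkit checks...
[12:00:05]     Rootkits checked : 247
[12:00:05]     Possible rootkits: 1
[12:00:05] Applications checks...
[12:00:05]     Applications checked: 5
[12:00:05]     Suspect applications: 0
EOF

# Print the number on the last summary line carrying a label, e.g. "Suspect files";
# the "Info:" lines are skipped just as the original script does with grep -v Info.
rkh_count() {  # $1 = log file, $2 = label; prints the count or "n/a"
    local n
    n="$(grep -F "$2" "$1" | grep -v 'Info:' | tail -n 1 \
         | sed 's/.*:[[:space:]]*\([0-9][0-9]*\).*/\1/')"
    echo "${n:-n/a}"
}

# Write the condensed report with the same headings as the original script.
rkh_summary() {  # $1 = log file, $2 = report file (overwritten)
    {
        echo "System checks summary"; echo "====================="
        echo "File properties checks..."
        echo "  Files checked: $(rkh_count "$1" 'Files checked')"
        echo "  Suspect files: $(rkh_count "$1" 'Suspect files')"
        echo "Rootkit checks..."
        echo "  Rootkits checked: $(rkh_count "$1" 'Rootkits checked')"
        echo "  Possible rootkits: $(rkh_count "$1" 'Possible rootkits')"
        echo "Applications checks..."
        echo "  Applications checked: $(rkh_count "$1" 'Applications checked')"
        echo "  Suspect applications: $(rkh_count "$1" 'Suspect applications')"
    } >"$2"
}

# Succeed (exit 0) when any suspect/possible counter is not zero, so a cron line such as
# "rkh_has_findings LOG && mail -s 'rkhunter findings' you@example.com < REPORT" stays quiet otherwise.
rkh_has_findings() {  # $1 = log file
    local label
    for label in 'Suspect files' 'Possible rootkits' 'Suspect applications'; do
        case "$(rkh_count "$1" "$label")" in 0|n/a) ;; *) return 0 ;; esac
    done
    return 1
}
```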