Keeping a web server secure from any destruction is something that concerns all the server administrators. Rather it is one of the top priorities of server admins, more than adding features, optimum speed or server optimizations. For any cheap hosting provider having customer websites hosted on their servers, there can be nothing more important that keeping their servers secure and in top working condition. Various server security threats exists which can cause harm at varied intensities. Some may just slow down your server without causing any serious destruction while some others can exploit your hosting server’s weak spots and destroy the server entirely.
So, before the destruction happens, we are required to have a way to find it before-hand. RootCheck tool can help you with that, as it has the capability of scanning server ports, logs, rootkits, trojans, and other atrocious activities on a server. It is available for free and is released under the GNU General Public license by Trend Micro. It is a part of OSSEC, which is an open source host-based intrusion detection system.

How to install RootCheck on the server ?

Step i : Access your server using SSH as a root

su

Step ii : Get the latest updated version of rootcheck downloaded onto the server

wget http://www.ossec.net/rootcheck/files/rootcheck-2.4.tar.gz

Step iii : Then you must verify its checksum for security

wget http://www.ossec.net/rootcheck/files/rootcheck-2.4_checksum.txt
cat rootcheck-2.4_checksum.txt
md5 rootcheck-2.4.tar.gz
sha1 rootcheck-2.4.tar.gz

It is important that the entries match the corresponding checkum entries in the text file.
Step iv : Proceed with extracting the contents over the server

tar -zxvf rootcheck-2.4.tar.gz

Step v : Fire the below command for installing RootCheck on your server

cd rootcheck-2.4
make all

Step vi : Run root check.
Once it has completely scanned the server, it would display the results, after which further actions can be taken.