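# Install chkrootkit from the RPMforge repository and schedule a daily scan
# that logs to syslog and e-mails any INFECTED findings. Run as root.

# Fetch the RPMforge release package, which adds the repository definition.
# The download is plain HTTP, so the file can be altered in transit; it is
# installed as root, so check its signature before installing it.
# NOTE(review): confirm this repository and package version are still
# maintained for your OS release before relying on it.
wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

# Import the repository signing key first, obtained over a trusted channel:
#   rpm --import <PATH-TO-VERIFIED-RPMFORGE-GPG-KEY>
# `rpm -K` fails when the digest/signature does not verify (including when the
# key is missing), and the && chain then skips the install steps.
rpm -K rpmforge-release-0.3.6-1.el5.rf.i386.rpm \
  && rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm \
  && yum -y --enablerepo=rpmforge install chkrootkit

# Write the daily cron script (the original opened it in vi and typed it in).
# The quoted 'EOF' keeps $VARS and $(...) literal until the job itself runs.
cat > chkrootkit <<'EOF'
#!/bin/bash
# Daily chkrootkit run: full report to syslog, INFECTED lines by e-mail.
# INFECTED lines can be false positives, and a clean report is not proof of a
# clean host: chkrootkit relies on the host's own binaries, which a rootkit
# may have replaced. Treat the mail as a trigger for investigation.

PATH=/usr/bin:/bin

# A scanner that is missing from PATH would otherwise produce an empty report
# and no alert; make that failure visible in syslog instead.
if ! command -v chkrootkit >/dev/null 2>&1; then
  echo "chkrootkit not found in PATH=$PATH" | logger -t chkrootkit
  exit 1
fi

TMPLOG=$(mktemp) || exit 1
# Remove the temporary report on every exit path.
trap 'rm -f -- "$TMPLOG"' EXIT

# run chkrootkit
chkrootkit > "$TMPLOG"

# Log
logger -t chkrootkit < "$TMPLOG"

# rootkit detect and then email
if grep -q INFECTED "$TMPLOG"; then
  grep INFECTED "$TMPLOG" \
    | mail -s "chkrootkit report in $(hostname)" sakai@aplogics.com
fi
EOF

# Only root may read or execute the job, then hand it to the daily cron run.
chmod 700 chkrootkit
mv chkrootkit /etc/cron.daily/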