rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.

:

Setting up MAC hardening to prevent rootkits is imo a better option, tomoyo tools is one of the best tools available for that, included in the repo and build into the kernel.

Good candidate for KCP though.

Edit:

Tomoyo is not just in the repo, it is part of the default install.