Verifying rkhunter file warnings
I got this problem as my rkhunter installation detected changed files (due to updates), so I encountered this solution by steve as I was searching for a solution.
Of course, since there could be a rootkit/trojan/other malicious stuff running on your system, which is what rkhunter is meant to detect, you should NOT fully trust anything running from the machine. But I had to rely on this solution temporarily until I can get it (rebooted and) checked out properly using a tool like Finnix.
Am reposting the script here for reference, but you can get the most recent copy of the script here.
Hacker’s Challenge 3 completed
Just finished the Hacker's Challenge 3 book. Plenty learnt, and it also made me realize that there's so much I didn't know.
Out of the 20 challenges, the only two on application flaws were pretty easy to figure out (since I've been in that field for a while), but I still had no experience/idea in figuring out those with the network/human related flaws.
Gonna start by trying out some of the tools and log analyses mentioned in the book, but I think I'm going to need some hands-on practice (white-hat, of course) in order to learn faster.
You can't know what to protect, if you don't know how they might attack.
You probably won't know how they might attack, unless you've really tried it yourself.
Note to self: don't borrow more than two books at a time, you probably can't finish one within the first borrowing time period that they give you anyway...
Getting your server to send an email whenever anyone logs in
Running on a VPS like Linode gives me plenty of control over what is run, and also plenty of chances to learn more about network administration (along with the heartaches).
The code that I used was based on this forum post. This one presumes that your MTA has been set up properly. The original code was for protecting your root account (i.e. when anyone logs into your server's root account, you get the notification).
(Note: it is usually not advisable to log in as root. Create a user account and give it sudoer rights instead. I'd say that's advisable even for servers where there is only one person expected to log in, which is you.)
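
A sketch of a login notification of the kind described above, added here as an example; it is not the forum post's code or the script this post used. It assumes a `mail` command backed by a working MTA, and `ALERT_TO` is a hypothetical setting that leaves sending disabled while empty.

```shell
#!/bin/sh
# Added example: login notification for /etc/profile.d/ or ~/.profile.
# Assumes a `mail` command backed by a working MTA.
# ALERT_TO is a hypothetical setting; empty (the default) disables sending.
ALERT_TO="${ALERT_TO:-}"

# First field of an SSH_CONNECTION-style string
# ("client_ip client_port server_ip server_port"); "local" when empty.
remote_addr() {
    addr=${1%% *}
    printf '%s\n' "${addr:-local}"
}

# Keep only characters that are safe inside a mail header, so a crafted
# value cannot add header lines.
sanitize() {
    printf '%s' "$1" | tr -cd '[:alnum:]._:@-'
}

# Subject line. Args: user, SSH_CONNECTION value, hostname.
alert_subject() {
    printf 'Login alert: %s from %s on %s\n' \
        "$(sanitize "$1")" "$(sanitize "$(remote_addr "$2")")" "$(sanitize "$3")"
}

# Message body. Args: user, SSH_CONNECTION value, tty, timestamp.
alert_body() {
    printf 'User: %s\nFrom: %s\nTTY:  %s\nTime: %s\n' \
        "$1" "$(remote_addr "$2")" "$3" "$4"
}

# Gather the session details and mail them; does nothing without ALERT_TO.
send_login_alert() {
    [ -n "$ALERT_TO" ] || return 0
    user=${USER:-$(id -un)}
    conn=${SSH_CONNECTION:-}
    term=$(tty 2>/dev/null) || term=unknown
    alert_body "$user" "$conn" "$term" "$(date '+%Y-%m-%d %H:%M:%S %Z')" |
        mail -s "$(alert_subject "$user" "$conn" "$(hostname)")" "$ALERT_TO"
}

# Fire only for interactive shells, so scripts sourcing this stay quiet.
case $- in
    *i*) send_login_alert ;;
esac
```

A hook in a shell profile only runs for interactive shells and can be skipped by whoever logs in (for example `ssh host command` never reads it), so treat the mail as a convenience alert alongside the system's authentication logs.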