Saturday, November 5, 2011

Chkrootkit, Lynis, Rkhunter, Unhide - Checks for signs of a rootkit

Here's a rootkit-checking app with a GUI for Linux. The links below point to some more rootkit-hunting apps that are in my Fedora 14 repos...

Don

chkrootkit -- locally checks for signs of a rootkit

chkrootkit is a tool to locally check for signs of a rootkit. It contains:

  • chkrootkit: shell script that checks system binaries for rootkit modification.
  • ifpromisc.c: checks if the interface is in promiscuous mode.
  • chklastlog.c: checks for lastlog deletions.
  • chkwtmp.c: checks for wtmp deletions.
  • check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
  • chkproc.c: checks for signs of LKM trojans.
  • chkdirs.c: checks for signs of LKM trojans.
  • strings.c: quick and dirty strings replacement.
  • chkutmp.c: checks for utmp deletions.

Chkrootkit is listed in the "Top 100 Network Security Tools" survey, 2006 edition, released by Insecure.Org. We would like to thank all people who voted for chkrootkit as their favourite tool!

Go there...
http://www.chkrootkit.org/

Chkrootkit, Lynis, Rkhunter, Unhide - checks for signs of a rootkit
chkrootkit -- locally checks for signs of a rootkit
Lynis
Unhide homepage - Welcome
Unhide homepage - Linux


