Rkdet 0.54

This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer

Developer:	Andrew Daviel more software by author →
Price:	0.00
License:	GPL (GNU General Public License)
File size:	0K
Language:
OS:
Rating:	0 /5 (0 votes)
Your vote:
enlarge screenshot

This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and disables networking or halts the system. it is designed to install with the minimum of disruption to a normal multiuser system, and should not require rebuilding with each kernel change or system upgrade.http://vancouver-webpages.com/rkdet/rkdet-0.54-2.i386.rpm

The program regularly verifies the checksum of a small number of system files that are typically modified by a rootkit. This list of files is compiled into the program. The file list, together with the system commands and messages, are obfuscated in the compiled code to prevent someone from figuring out what the program is for by eyeballing the binary.
The obfuscation algorithm is simple, but is compiled into the program and does not depend on external programs or other libraries.

The program takes a single optional numeric argument. If odd (bit 0 set), the interface "eth0" is checked for promiscuous operation (packet sniffing). If bit 1 is clear, the program will delete the default route on the network when triggered. Of bit 1 is set, the program will disable the eth0 interface. Systems with multiple interfaces may require an alternate interface specification in "xstrings.txt", or modification of the program to disable multiple interfaces. If bit 2 is set, the program will only log events and not disconnect the network.
The command may be modified to "init 1" or "shutdown -h now" if desired, or to run a script such as "panic.sh" (included).

What's New in This Release:

Added configure script.

Do not trap if checksum program fails (due to load, etc.)
tags

the program set the program will the network multiple interfaces compiled into the system with the when triggered into the

Download Rkdet 0.54

http://vancouver-webpages.com/rkdet/rkdet-0.54-2.i386.rpm

http://vancouver-webpages.com/rkdet/rkdet-0.54-2.src.rpm

http://vancouver-webpages.com/rkdet/rkdet-0.54.tar.gz

Authors software

Rkdet 0.54 (by Andrew Daviel)
This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer

Similar software

Rkdet 0.54 (by Andrew Daviel)
This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer

Template::Tutorial 2.15 (by Andy Wardley)
Template::Tutorial are template toolkit tutorials.

This section includes tutorials on using the Template Toolkit

MathML::Entities 0.13 (by Jacques Distler)
MathML::Entities is a Perl module that can convert XHTML+MathML Named Entities to Numeric Character References.

SYNOPSIS

use M

Jimsim Network Simulator 1.1 (by Jimboney)
Jimsim Network Simulator project can emulate several routers connected via virutal networks

TrackFS 0.0.7 (by Michael Riepe)
Trackfs is a small program that tracks file system changes -- creation, update and removal of fs objects -- of another program (or gr

minicrc 0.2.2 (by Mohammad Hafiz)

Netwib 5.35 (by Laurent Constantin)
Netwib is a network library.

Here are some key features of "Netwib":
Network features :

· address conversion
· udp/tcp clien

Aimwatch 0.9.1 beta (by Bryan Schneiders)
Aimwatch is a packet sniffer designed to reconstruct AOL Instant Messenger and ICQ information by passively collecting packets from t

Fast File Validator 0.45 (by Christopher J. Madsen)
Fast File Validator in short FFV is a program for verifying files against a checksum file and for creating such checksum files

smtbang 0.1 (by Corcalciuc V. Horia)
smtbang is a small SMTP mailer program designed to send mail in chroot environments by sending email through a local smtpd host witho