chrootkit 0.45 review

Download
by rbytes.net on

chkrootkit is a tool to locally check for signs of a rootkit. It contains: · chkrootkit: shell script that checks system binari

License: GPL (GNU General Public License)
File size: 36K
Developer: Nelson Murilo
0 stars award from rbytes.net

chkrootkit is a tool to locally check for signs of a rootkit.

It contains:

chkrootkit: shell script that checks system binaries for rootkit modification.
ifpromisc.c: checks if the interface is in promiscuous mode.
chklastlog.c: checks for lastlog deletions.
chkwtmp.c: checks for wtmp deletions.
check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
chkproc.c: checks for signs of LKM trojans.
chkdirs.c: checks for signs of LKM trojans.
strings.c: quick and dirty strings replacement.
chkutmp.c: checks for utmp deletions.

Installation:

To compile the C programs type:

make sense

After that it is ready to use and you can simply type:

./chkrootkit

What's New in This Release:
better support for Linux threads.
New rootkit detected: Fu, Kenga3, ESRK.
New test: chkutmp. -n option improvement.
Minor bug fixes.

chrootkit 0.45 keywords