Rootkit Hunter 1.2.9 review

Download
by rbytes.net on

Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools

License: GPL (GNU General Public License)
File size: 0K
Developer: Michael Boelen
0 stars award from rbytes.net

Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. Rootkit Hunter scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

Rootkit Hunter is released as GPL licensed project and free for everyone to use.

No, not really 99.9%.. It's just another security layer.

Requirements:
Compatible operating system (see 'Supported operating systems')
Bourne Again Shell (BASH)

Supported operating systems

Supported:

Most Linux distributions
Most *BSD distributions

Currently unsupported:

NetBSD

Tested on:

AIX 4.1.5 / 4.3.3
ALT Linux
Aurora Linux
CentOS 3.1 / 4.0
Conectiva Linux 6.0
Debian 3.x
FreeBSD 4.3 / 4.4 / 4.7 / 4.8 / 4.9 / 4.10
FreeBSD 5.0 / 5.1 / 5.2 / 5.2.1 / 5.3
Fedora Core 1 / Core 2 / Core 3
Gentoo 1.4, 2004.0, 2004.1
Macintosh OS 10.3.4-10.3.8
Mandrake 8.1 / 8.2 / 9.0-9.2 / 10.0 / 10.1
OpenBSD 3.4 / 3.5
Red Hat Linux 7.0-7.3 / 8 / 9
Red Hat Enterprise Linux 2.1 / 3.0
Slackware 9.0 / 9.1 / 10.0 / 10.1
SME 6.0
Solaris (SunOS)
SuSE 7.3 / 8.0-8.2 / 9.0-9.2
Ubuntu
Yellow Dog Linux 3.0 / 3.01

Confirmed to work also on:

DaNix (Debian clone)
PCLinuxOS
VectorLinux SOHO 3.2 / 4.0
CPUBuilders Linux
Virtuozzo (VPS)

Supported' rootkits/backdoors/LKM's/worms:

55808 Trojan - Variant A
ADM W0rm
AjaKit
aPa Kit
Apache Worm
Ambient (ark) Rootkit
Balaur Rootkit
BeastKit
beX2
BOBKit
CiNIK Worm (Slapper.B variant)
Danny-Boy's Abuse Kit
Devil RootKit
Dica
Dreams Rootkit
Duarawkz Rootkit
Flea Linux Rootkit
FreeBSD Rootkit
Fuck`it Rootkit
GasKit
Heroin LKM
HjC Rootkit
ignoKit
ImperalsS-FBRK
Irix Rootkit
Kitko
Knark
Li0n Worm
Lockit / LJK2
mod_rootme (Apache backdoor)
MRK
Ni0 Rootkit
NSDAP (RootKit for SunOS)
Optic Kit (Tux)
Oz Rootkit
Portacelo
R3dstorm Toolkit
RH-Sharpe's rootkit
RSHA's rootkit
Scalper Worm
Shutdown
SHV4 Rootkit
SHV5 Rootkit
Sin Rootkit
Slapper
Sneakin Rootkit
Suckit
SunOS Rootkit
Superkit
TBD (Telnet BackDoor)
TeLeKiT
T0rn Rootkit
Trojanit Kit
URK (Universal RootKit)
VcKit
Volc Rootkit
X-Org SunOS Rootkit
zaRwT.KiT Rootkit

and... some known/unknown sniffers, backdoors like:
Anti Anti-sniffer
LuCe LKM
THC Backdoor

What's New in This Release:
This release added support for RHEL WS/AS/ES 3 Taroon update 8, Fedora Core 5, and SuSE 10.
Checks were added for packet capturing applications and processes using deleted files.
The netstat check was enabled for AIX and the backdoor check was enabled for SunOS.
Logfile specification and checks were added.

Rootkit Hunter 1.2.9 search tags