Return to the archive index
From: chkrootkit@freshmeat.net Date: Thu, 7 Apr 2005 12:01:08 +0000 (UTC) Newsgroups: fm.announce chkrootkit 0.45 - Locally checks for signs of a rootkit. About: chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification. The following tests are made: aliens, asp, bindshell, lkm, rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed, traceroute, and write. ifpromisc.c checks whether the interface is in promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions (Solaris only), and chkproc.c checks for signs of LKM trojans. Release focus: Minor bugfixes Project URL: http://freshmeat.net/projects/chkrootkit/ Homepage: http://www.chkrootkit.org/
From Usenet Files Links (UFL)
Maintained by gwl
gwl At Home