Results 1 to 2 of 2

Thread: Rootkit hunter ...

  1. April 11th, 2004, 11:03 PM #1
    Phat_Penguin
    Phat_Penguin is offline
    Senior Member
    Join Date
    May 2002
    Posts
    450

    Rootkit hunter ...

    Sorry if this has been posted somewhere before, I did a quick search but didn't see it anywhere.

    I found this nice little tool that searches your *nix system for the possibility of a rootkit infection. It is similar to chkrootkit but it doesn't seem to throw up the false positives that chkrootkit does.

    Rootkit Hunter is very easy to install and and has a nice interactive run feature on the commandline. While no tool is perfect it will scan the system for many of the common rootkits.

    Just another one to drop into your *nix arsenal

    For more info here is the official site;

    rkhunter - http://www.rootkit.nl

    ... and a bit of a story about it at NewsForge can be found here
    Reply With Quote Reply With Quote
  2. April 12th, 2004, 09:27 AM #2
    instronics
    instronics is offline
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    I just installed it and tested it on an unsecured test box. The results are hardcore. An excellent tool. Apart from just looking for rootkits, its also scans for unsafe settings within some services. I tested it on an unpatched suse 7.3 box.... it found all the opensll weaknesses aswell as diverse warnings for ssh protocol 1 and also bitched at me for some unsafe settings in /etc/ssh/sshd_config.

    Very cool find Phat_Penguin

    Cheers
    Ubuntu-: Means in African : "Im too dumb to use Slackware"
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules