chkrootkit 0.45 review (linux)


License: GPL (GNU General Public License)
OS: Linux
File size: 36K
Developer: Nelson Murilo      
Price: $0.00

chkrootkit 0.45 is security software developed by Nelson Murilo.
chkrootkit is a tool to locally check for signs of a rootkit.

It contains:

  • chkrootkit: shell script that checks system binaries for rootkit modification.
  • ifpromisc.c: checks if the interface is in promiscuous mode.
  • chklastlog.c: checks for lastlog deletions.
  • chkwtmp.c: checks for wtmp deletions.
  • check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
  • chkproc.c: checks for signs of LKM trojans.
  • chkdirs.c: checks for signs of LKM trojans.
  • strings.c: quick and dirty strings replacement.
  • chkutmp.c: checks for utmp deletions.

    The following tests are made:

    aliens asp bindshell lkm rexedcs sniffer w55808 wted scalper slapper z2 chkutmp amd basename biff chfn chsh cron date du dirname echo egrep env find fingerd gpm grep hdparm su ifconfig inetd inetdconf identd init killall ldsopreload login ls lsof mail mingetty netstat named passwd pidof pop2 pop3 ps pstree rpcinfo rlogind rshd slogin sendmail sshd syslogd tar tcpd tcpdump top telnetd timed traceroute vdir w write

    The following rootkits, worms and LKMs are currently detected:
    01. lrk3, lrk4, lrk5, lrk6 (and variants);
    02. Solaris rootkit;
    03. FreeBSD rootkit;
    04. t0rn (and variants);
    05. Ambient's Rootkit (ARK);
    06. Ramen Worm;
    07. rh[67]-shaper;
    08. RSHA;
    09. Romanian rootkit;
    10. RK17;
    11. Lion Worm;
    12. Adore Worm;
    13. LPD Worm;
    14. kenny-rk;
    15. Adore LKM;
    16. ShitC Worm;
    17. Omega Worm;
    18. Wormkit Worm;
    19. Maniac-RK;
    20. dsc-rootkit;
    21. Ducoci rootkit;
    22. x.c Worm;
    23. RST.b trojan;
    24. duarawkz;
    25. knark LKM;
    26. Monkit;
    27. Hidrootkit;
    28. Bobkit;
    29. Pizdakit;
    30. t0rn v8.0;
    31. Showtee;
    32. Optickit;
    33. T.R.K;
    34. MithRa's Rootkit;
    35. George;
    36. SucKIT;
    37. Scalper;
    38. Slapper A, B, C and D;
    39. OpenBSD rk v1;
    40. Illogic rootkit;
    41. SK rootkit;
    42. sebek LKM;
    43. Romanian rootkit;
    44. LOC rootkit;
    45. shv4 rootkit;
    46. Aquatica rootkit;
    47. ZK rootkit;
    48. 55808.A Worm;
    49. TC2 Worm;
    50. Volc rootkit;
    51. Gold2 rootkit;
    52. Anonoying rootkit;
    53. Shkit rootkit;
    54. AjaKit rootkit;
    55. zaRwT rootkit;
    56. Madalin rootkit;
    57. Fu rootkit;
    58. Kenga3 rootkit;
    59. ESRK rootkit.

    chkrootkit has been tested on: Linux 2.0.x, 2.2.x, 2.4.x and 2.6.x, FreeBSD 2.2.x, 3.x, 4.x and 5.x, OpenBSD 2.x and 3.x, NetBSD 1.6.x, Solaris 2.5.1, 2.6, 8.0 and 9.0, HP-UX 11, Tru64 and BSDI.

    What's New in This Release:

    chkutmp.c (Thanks to Jeremy Miller):
      • the idea of this program is to display users that may have wiped themselves from the utmp log

    chkproc.c:
      • fix: better support for Linux threads

    chkrootkit:
      • new test: chkutmp
      • new rootkits detected: Fu, Kenga3, ESRK
      • some bug fixes

    homepage redesign (Thanks to Cristine Hoepers):
      • navigability improvement
      • the page now validates as strict XHTML
      • still lynx friendly

    chkrootkit 0.45 supports different languages (including English). It works with Linux.
