WebHosting Paid by #1Payday.Loans
chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification. The following tests are made: aliens, asp, bindshell, lkm, rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed, traceroute, and write. ifpromisc.c checks whether the interface is in promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions (Solaris only), and chkproc.c checks for signs of LKM trojans.
URL: https://www.chkrootkit.org/
Author: Nelson Murilo <nelson@pangeia.com.br>
Author: Klaus Steding-Jessen <jessen@nic.br>
Maintainer: Alejandro Mery <amery@geeks.cl>
License: OpenSource
Status: Stable
Version: 0.44
Download: ftp://ftp.pangeia.com.br/pub/seg/pac/ chkrootkit-0.44.tar.gz
Buildtime: 2051 (5) seconds (on reference hardware)
Buildtime: 2253 (9) seconds (on reference hardware)
Package Size: 0.48 MB, 14 files
Dependencies: 00-dirtree bash2 binutils bzip2 coreutils cvm findutils gawk gcc42
Dependencies: gcc42:dev glibc26 glibc26:dev grep linux26-headers:dev ltrace make
Dependencies: mktemp patch sed sysfiles tar xmame
ROCK Sources: chkrootkit.cache, chkrootkit.conf, chkrootkit.desc, head.patch, make_install.patch