fmII
Sun, May 18th home | browse | articles | contact | chat | submit | faq | newsletter | about | stats | scoop 07:48 PDT
in
Section
login «
register «
recover password «
[Project] add release | add branch | add screenshot | broken links | change owner | email subscribers | update project | update branch (urls) [Project]

 chkrootkit - Default branch
 Section: Unix

 

Added: Fri, Dec 28th 2001 12:58 PDT (6 years, 4 months ago) Updated: Mon, Apr 21st 2008 07:30 PDT (27 days ago)


About:
chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification. The following tests are made: aliens, asp, bindshell, lkm, rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed, traceroute, and write. ifpromisc.c checks whether the interface is in promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions (Solaris only), and chkproc.c checks for signs of LKM trojans.

Author:
Nelson Murilo <nelson |at| pangeia |dot| com |dot| br> [contact developer]

Rating:
8.43/10.00 (27 votes)

Homepage:
http://www.chkrootkit.org/
Tar/GZ:
ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
Changelog:
http://www.chkrootkit.org/README
Debian package:
http://packages.debian.org/chkrootkit
Mailing list archive:
http://marc.theaimsgroup.com/?l=chkrootkit-users&r=1&w=2

Trove categories: [change]
[Environment]  Console (Text Based)
[Intended Audience]  System Administrators
[License]  Freeware, OSI Approved :: BSD License (revised)
[Operating System]  POSIX :: BSD :: FreeBSD, POSIX :: BSD :: OpenBSD, POSIX :: Linux, POSIX :: SunOS/Solaris
[Topic]  Security

Dependencies: [change]
No dependencies filed

 
Project admins: [change]
» Hendrik Naumann (Owner)

» Rating: 8.43/10.00 (Rank 310)
» Vitality: 0.21% (Rank 838)
» Popularity: 10.56% (Rank 200)

project statsdownload stats
(click to enlarge graphs)
   Record hits: 17,181
   URL hits: 97,738
   Subscribers: 365

Projects depending on this project:
Tiger security tool


Other projects from the same categories:
sigof
EScrambler - Email Address HTML Code Scrambler
I-AM-DOH
RemenDeKO
PHP Anti-Virus

Users who subscribed to this project also subscribed to:
Gutenprint
gtk-gnutella
Vim
ProGuard
rdiff-backup


Add comment · Rate this project · Subscribe to new releases · Ignore this project · Email this project to a friend · Project record in XML

 Branches

Branch Version Last release License URLs
Default 0.48 21-Apr-2008 BSD License (revised) Homepage Tar/GZ Changelog

 Comments

[»] cpanel cgi-sys folder for back door checks
by Sree - Feb 13th 2004 01:00:09

chkrootkit does not include /usr/local/cpanel/cgi-sys
while checking for back door cgi's

We need to edit chkrootkit
line 708
from
var/lib/httpd/cgi-bin usr/local/httpd/cgi-bin usr/local/apache/cgi-bin \
to
var/lib/httpd/cgi-bin usr/local/httpd/cgi-bin usr/local/apache/cgi-bin /usr/local/cpanel/cgi-sys \

--
There is a test to find out whether your mission in this life is over. If you are still alive, it is not.

[reply] [top]



© Copyright 2008 SourceForge, Inc., All Rights Reserved.
About freshmeat.net •  Privacy Statement •  Terms of Use •  Trademark Guidelines •  Advertise •  Contact Us • 
ThinkGeek •  Slashdot  •  ITMJ •  Linux.com •  NewsForge  •  SourceForge.net  •  Surveys •  Jobs •  PriceGrabber