User Tools

Site Tools


linux:anti-virus:chkrootkit

Linux - Anti-Virus - chkrootkit

chkrootKit is a free and open-source security scanner designed to detect known rootkits.

It scans your system for signs of rootkits, which are malicious programs that can grant unauthorized access and control over a compromised system.

It contains various programs/scripts which include:

  • chkrootkit – a shell script that checks system binaries for rootkit modification.
  • ifpromisc.c – it checks if an interface is in promiscuous mode.
  • chklastlog.c – this checks for lastlog deletions.
  • chkwtmp.c – this checks for wtmp deletions.
  • check_wtmpx.c – checks for wtmpx deletions (Solaris only).
  • chkproc.c – checks for signs of LKM trojans.
  • chkdirs.c – this checks for signs of LKM trojans.
  • strings.c – it performs quick and dirty string replacement.
  • chkutmp.c – this checks for utmp deletions.

Install chkrootkit


References

linux/anti-virus/chkrootkit.txt · Last modified: 2023/07/17 19:21 by peter

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki