Linux - Anti-Virus - chkrootkit
chkrootkit is a free and open-source security scanner designed to detect known rootkits.
It scans your system for signs of rootkits, which are malicious programs that can grant unauthorized access and control over a compromised system.
It consists of several programs and scripts, including:
- chkrootkit – a shell script that checks system binaries for rootkit modification.
- ifpromisc.c – checks whether an interface is in promiscuous mode.
- chklastlog.c – checks for lastlog deletions.
- chkwtmp.c – checks for wtmp deletions.
- check_wtmpx.c – checks for wtmpx deletions (Solaris only).
- chkproc.c – checks for signs of LKM trojans.
- chkdirs.c – checks for signs of LKM trojans.
- strings.c – a quick and dirty replacement for the strings utility.
- chkutmp.c – checks for utmp deletions.
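To show what a "wtmp deletion" check looks for, the following added example (not chkrootkit's own code) scans wtmp-format data for records whose timestamp has been zeroed and reports the time window around each gap. It assumes the 384-byte glibc `struct utmp` layout used on Linux and that wiped entries are overwritten with null bytes; the function names and the sample records are constructed for illustration.

```python
import struct

# Assumption: glibc "struct utmp" on-disk layout on Linux, 384 bytes per record.
# Fields: ut_type, ut_pid, ut_line, ut_id, ut_user, ut_host, ut_exit (2 shorts),
# ut_session, ut_tv (sec, usec), ut_addr_v6 (4 ints), 20 reserved bytes.
UTMP = struct.Struct("<h2xi32s4s32s256s2hi2i4i20x")
TV_SEC = 9          # index of ut_tv.tv_sec in the unpacked tuple
USER_PROCESS = 7    # ut_type of a normal login record


def pack_record(pid, line, user, host, tv_sec):
    """Build one login record for the constructed sample below."""
    return UTMP.pack(USER_PROCESS, pid, line, b"", user, host,
                     0, 0, 0, tv_sec, 0, 0, 0, 0, 0)


def find_deletions(data):
    """Return (deleted_count, gaps); gap = (first_index, length, ts_before, ts_after)."""
    if len(data) % UTMP.size:
        raise ValueError("length is not a multiple of the record size")
    gaps, last_ts, run_start, run_len = [], None, 0, 0
    for idx in range(len(data) // UTMP.size):
        tv_sec = UTMP.unpack_from(data, idx * UTMP.size)[TV_SEC]
        if tv_sec == 0:                      # zeroed timestamp: wiped record
            if run_len == 0:
                run_start = idx
            run_len += 1
            continue
        if run_len:                          # a run of wiped records just ended
            gaps.append((run_start, run_len, last_ts, tv_sec))
            run_len = 0
        last_ts = tv_sec
    if run_len:                              # file ends inside a wiped run
        gaps.append((run_start, run_len, last_ts, None))
    return sum(g[1] for g in gaps), gaps


# Constructed sample: three logins with two null-filled records in between.
SAMPLE = b"".join([
    pack_record(1001, b"pts/0", b"alice", b"192.0.2.10", 1700000000),
    pack_record(1002, b"pts/1", b"bob", b"192.0.2.11", 1700000600),
    bytes(UTMP.size),
    bytes(UTMP.size),
    pack_record(1005, b"pts/0", b"alice", b"192.0.2.10", 1700003600),
])

if __name__ == "__main__":
    count, gaps = find_deletions(SAMPLE)
    print(f"{count} deletion(s)")
    for start, length, before, after in gaps:
        print(f"  records {start}..{start + length - 1} between {before} and {after}")
```

To check a real file, pass the bytes of `/var/log/wtmp` to `find_deletions`; a non-empty result means the login history has gaps that should be compared against other log sources.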
linux/anti-virus/chkrootkit.txt · Last modified: 2023/07/17 19:21 by peter