linux:anti-virus:chkrootkit
Differences
This shows you the differences between two versions of the page.
linux:anti-virus:chkrootkit [2023/07/17 19:18] – created peter | linux:anti-virus:chkrootkit [2023/07/17 19:21] (current) – peter | ||
---|---|---|---|
Line 2: | Line 2: | ||
**chkrootKit** is a free and open-source security scanner designed to detect known rootkits. | **chkrootKit** is a free and open-source security scanner designed to detect known rootkits. | ||
+ | |||
+ | It scans your system for signs of rootkits, which are malicious programs that can grant unauthorized access and control over a compromised system. | ||
+ | |||
+ | It contains various programs/ | ||
+ | |||
+ | * chkrootkit – a shell script that checks system binaries for rootkit modification. | ||
+ | * ifpromisc.c – it checks if an interface is in promiscuous mode. | ||
+ | * chklastlog.c – this checks for lastlog deletions. | ||
+ | * chkwtmp.c – this checks for wtmp deletions. | ||
+ | * check_wtmpx.c – checks for wtmpx deletions (Solaris only). | ||
+ | * chkproc.c – checks for signs of LKM trojans. | ||
+ | * chkdirs.c – this checks for signs of LKM trojans. | ||
+ | * strings.c – it performs quick and dirty string replacement. | ||
+ | * chkutmp.c – this checks for utmp deletions. | ||
+ | |||
---- | ---- | ||
+ | |||
+ | [[Linux: | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== References ===== | ||
+ | |||
+ | https:// | ||
+ | |||
+ |
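Review bot: The added `strings.c` entry ("it performs quick and dirty string replacement") reads as though the program rewrites strings in its input. The file name suggests a stand-in for the `strings` utility, so wording such as "a quick and dirty replacement for the strings utility" would remove the ambiguity. In the same list, `chkproc.c` and `chkdirs.c` carry the identical description "checks for signs of LKM trojans", so a reader cannot tell what each one inspects; add a few words on what each looks at. The entries also alternate between "it checks", "this checks" and "checks"; pick one form. Finally, the unchanged first line spells the name "chkrootKit" while the added list uses "chkrootkit", which is worth aligning in this revision.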
linux/anti-virus/chkrootkit.1689621480.txt.gz · Last modified: 2023/07/17 19:18 by peter