Results 1 to 9 of 9

Thread: Script for detecting rootkit's

  1. #1

    Script for detecting rootkit's

    I just noticed something of interest at freshmeat.net that may be of benefit to those running production servers.

    About: chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification. The following tests are made: aliens, asp, bindshell, lkm, rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed, traceroute, and write. ifpromisc.c checks whether the interface is in promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions (Solaris only), and chkproc.c checks for signs of LKM trojans.

    www.chkrootkit.org

  2. #2

    Re: Script for detecting rootkit's

    hi mike,
    thanks man! i don't do any production stuff but would like to know where i am vunerable and do run a couple things because i wnat 'em running.
    Paul

  3. #3

    Re: Script for detecting rootkit's

    How are you doing Paul?

    I thought chkrootkit might come in handy for some. Great stuff at freshmeat.

    Could you please do me a favor and post about chkrootkit at lno. There happens to be a thread in General about someone that got rooted recently. As you know they still haven't fixed my account(s) at lno, so I am unable to post it myself. Thanks.

    Take care...

  4. #4

    Re: Script for detecting rootkit's

    For you mike - no problem

    here it is:
    http://www.linuxnewbie.org/cgi-bin/u...3&t=005799

    ah life is good, i got a job, the family is healthy and i get to play with linux - who could want more

  5. #5
    Guest

    Re: Script for detecting rootkit's

    Paul: how about a beer?

  6. #6

    Re: Script for detecting rootkit's


    Paul: how about a beer?
    What kind?

  7. #7

    Re: Script for detecting rootkit's


    For you mike - no problem

    here it is:
    http://www.linuxnewbie.org/cgi-bin/u...3&t=005799

    ah life is good, i got a job, the family is healthy and i get to play with linux - who could want more
    Thanks Paul.

    Glad to hear life is treating you well. Family - job - Linux ... What more could you ask for?

    Gotta rush now. I slept in this morning and now I'll be a little late for work. Don't even remember the alarm going off.

  8. #8

    Re: Script for detecting rootkit's

    mdwatts[how_many] are you now ?

    Thanks for the link. Hope it isn't a troian ?

    As you know they still haven't fixed my account(s) at lno, so I am unable to post it myself.

  9. #9

    Re: Script for detecting rootkit's


    mdwatts[how_many] are you now ?

    Thanks for the link. Hope it isn't a troian ?

    If I remember correctly, I HAD around 4 or 5 accounts at LNO that went belly up. Something like 9,000 posts total. Maybe 20 of those in Shoot the breeze and Rants. I spent most of my time trying to help others (at least with my limited knowledge).

    Your welcome for the link. I doubt it's a trojan since it came from freshmeat. I hope it helps whoever uses it as I hate to see anyone have their systems corrupted/cracked.

Similar Threads

  1. script
    By try in forum Linux - General Topics
    Replies: 0
    Last Post: 12-15-2008, 07:43 AM
  2. not detecting USB thumb drive
    By craigconrad in forum Redhat / Fedora
    Replies: 5
    Last Post: 08-11-2004, 04:52 PM
  3. Probs in a script called from another script
    By Outlaw in forum Programming
    Replies: 1
    Last Post: 03-12-2004, 02:54 PM
  4. not detecting cdrom in laptop in redhat7.3
    By fetter in forum Linux - Hardware, Networking & Security
    Replies: 4
    Last Post: 09-30-2002, 10:48 PM
  5. Detecting wrong processor speed at boot.
    By pam in forum Linux - Hardware, Networking & Security
    Replies: 10
    Last Post: 09-15-2002, 10:19 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •