rpms/chkrootkit
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
A tool to locally check for signs of a rootkit https://www.chkrootkit.org/
10 Commits 1 Branch 9 Tags 44 KiB
RPM Spec 100%
main
Go to file
Silvan Calarco b72527c3f9 update to 0.58b [release 0.58b-1mamba;Fri Jul 28 2023]
2024-01-05 21:12:52 +01:00
chkrootkit.spec update to 0.58b [release 0.58b-1mamba;Fri Jul 28 2023] 2024-01-05 21:12:52 +01:00
README.md update to 0.55 [release 0.55-1mamba;Tue Jun 15 2021] 2024-01-05 21:12:51 +01:00

README.md

chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit. It contains:

  • chkrootkit: shell script that checks system binaries for rootkit modification.
  • ifpromisc: checks if the network interface is in promiscuous mode.
  • chklastlog: checks for lastlog deletions.
  • chkutmp.c: checks for utmp deletions.
  • chkwtmp: checks for wtmp deletions.
  • chkdirs: checks for signs of LKM trojans.
  • chkproc: checks for signs of LKM trojans.
  • strings: quick and dirty strings replacement.

A large number of rootkits, worms and LKMs are currently detected. For an updated list of rootkits, worms and LKMs detected by chkrootkit please visit: http://www.chkrootkit.org/.