linuxducks.free-forums.org

LinuxDucks Forum Linux Operating System Club
 Post subject: Security: Anti-Rootkit Scanners for Linux
PostPosted: Fri Aug 19, 2011 10:10 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Security: Anti-Rootkit Scanners for Linux ....

You can get the scanners listed below the intro at the Linux software
repository (System > Ubuntu Software Center in Ubuntu)

:-)
How to scan your Linux-Distro for Root Kits | HowtoForge - Linux ...
12 posts - 1 author - Last post: May 10, 2006
How to scan your Linux-Distro for Root Kits. ... chkrootkit is a tool to
locally check for signs of a rootkit. It contains: ...
http://www.howtoforge.com/scan_linux_for_rootkits

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amateur Forensics


 Post subject: Re: Security: Anti-Rootkit Scanners for Linux
PostPosted: Fri Aug 19, 2011 10:11 am 
==========> ANTI-ROOTKIT SCANNERS FOR LINUX.....

The Rootkit Hunter project

Thanks to John Horne and all contributors who made this release possible
by providing code, submitting ideas, bugs, fixes, documentation, helping
out on the rkhunter ...
rkhunter.sourceforge.net

Reference

rkhunter
http://www.linux.com/directory/Software ... er/details
Works With Distributions

* Debian
* Fedora
* Mandriva
* openSUSE
* Red Hat Enterprise Linux
* SUSE Enterprise Linux
* Ubuntu

Specifications
Rootkit Hunter scans files and systems for known and unknown rootkits,
backdoors, and sniffers. The package contains one shell script, a few
text-based databases, and optional Perl modules. This tool scans for
rootkits, backdoors, and local exploits by running tests like:

* Comparing MD5 hashes
* Looking for default files used by rootkits
* Checking for wrong file permissions for binaries
* Looking for suspected strings in LKM and KLD modules
* Looking for hidden files
* Optionally scanning within plain text and binary files
* Checking software versions
* Testing applications

Authors: Michael Boelen

 Post subject: Re: Security: Anti-Rootkit Scanners for Linux
PostPosted: Fri Aug 19, 2011 10:11 am 
------------------

chkrootkit -- locally checks for signs of a rootkit
Jul 30, 2009 ... chkrootkit: shell script that checks system binaries
for rootkit modification. ... chkrootkit has been tested on: Linux
2.0.x, 2.2.x, ...
http://www.chkrootkit.org/

 Post subject: Re: Security: Anti-Rootkit Scanners for Linux
PostPosted: Fri Aug 19, 2011 10:11 am 
-----------------
Welcome...
Unhide - The Open Source Forensic Tool
http://www.unhide-forensics.info/

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.

unhide detects hidden processes using three techniques:

* comparing the output of /proc and /bin/ps
* comparing the information gathered from /bin/ps with the one gathered
from system calls (syscall scanning)
* full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
/bin/netstat through brute forcing of all TCP/UDP ports available.

@ This package can be used by rkhunter in its daily scans.

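The syscall-scanning and PID-space techniques from the unhide description above, sketched as an added example that is not part of the original post and is not unhide's own code. The function names are assumptions, and a single `kill(pid, 0)` probe is used here as the system-call check; thread IDs are counted as listed because they answer the probe without appearing as top-level /proc entries.

```python
import os

def listed_ids(proc="/proc"):
    """IDs a ps-style tool can see: numeric /proc entries plus their thread IDs."""
    ids = set()
    for name in os.listdir(proc):
        if not name.isdigit():
            continue
        ids.add(int(name))
        try:
            # Threads answer kill() too but are not top-level /proc entries.
            ids.update(int(t) for t in os.listdir(f"{proc}/{name}/task"))
        except OSError:
            pass  # process exited while we were reading
    return ids

def answers_syscall(pid):
    """True if kill(pid, 0) shows the kernel knows this ID; no signal is sent."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists, but belongs to another user
    return True

def find_hidden(list_ids, probe, pid_max, recheck=2):
    """IDs in 1..pid_max that answer the probe but never show up in a listing."""
    alive = {p for p in range(1, pid_max + 1) if probe(p)}
    suspects = alive - list_ids()  # list after probing, so new processes are not flagged
    for _ in range(recheck):
        # Drop processes that simply exited between the probe and the listing.
        suspects = {p for p in suspects if probe(p)} - list_ids()
    return sorted(suspects)

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as f:
        limit = int(f.read())
    print("IDs answering syscalls but not listed in /proc:",
          find_hidden(listed_ids, answers_syscall, limit))
```

Run it as root: when /proc is mounted with a hidepid option, an unprivileged listing omits other users' processes and they would be reported as unlisted.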
 