Letter C

chkrootkit - A tool to locally check for signs of a rootkit

Website: http://www.chkrootkit.org/
License: BSD
Description:
chkrootkit is a tool to locally check for signs of a rootkit. It contains:

 * chkrootkit: shell script that checks system binaries for rootkit
  modification. The following tests are made:

  o aliens asp bindshell lkm rexedcs sniffer wted scalper slapper z2 amd
    basename biff chfn chsh cron date du dirname echo egrep env find fingerd
    gpm grep hdparm su ifconfig inetd inetdconf init identd killall ldsopreload
    login ls lsof mail mingetty netstat named passwd pidof pop2 pop3 ps pstree
    rpcinfo rlogind rshd slogin sendmail sshd syslogd tar tcpd tcpdump top
    telnetd timed traceroute vdir w write

 * ifpromisc.c: checks if the interface is in promiscuous mode.
 * chklastlog.c: checks for lastlog deletions.
 * chkwtmp.c: checks for wtmp deletions.
 * check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
 * chkproc.c: checks for signs of LKM trojans.
 * chkdirs.c: checks for signs of LKM trojans.
 * strings.c: quick and dirty strings replacement.

Packages

chkrootkit-0.48-2m.mo6.x86_64 [318 KiB] Changelog by NAKAYA Toshiharu (2009-01-21):
- (0.48-2m)
- rebuild against rpm-4.6

Listing created by Repoview-0.6.4-1m.mo6