‘chkrootkit’ Tool:
Attackers install rootkits on a machine to gain root access while hiding their presence from the real administrator of the server. A tool that can help you detect rootkits on your machine is chkrootkit.
Chkrootkit is a tool that scans your system's vital files to determine whether any of them show signs of known malware. It is a group of scripts that use existing system tools and commands to validate your system files and /proc information.
How to download and use `chkrootkit` tool:
Follow these steps for installing the ‘chkrootkit’ tool:
1. Go to /usr/local/src/
# cd /usr/local/src/
2. Download the chkrootkit.
# wget http://www.spenneberg.org/chkrootkit-mirror/files/chkrootkit.tar.gz
3. Unpack the chkrootkit archive you just downloaded.
# tar -xvzf chkrootkit.tar.gz
4. Change to the new directory (select the version)
# cd chkrootkit-*
5. Compile chkrootkit
# make sense
6. After successfully compiling, the tool is ready to be used. To check for rootkits, simply run chkrootkit as the root user:
# ./chkrootkit
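A full run prints one line per check, so the lines that matter are easy to miss. The following added example (not part of the original post) filters chkrootkit output for the statuses its README documents as needing attention; the function names are hypothetical and the sample output is constructed.

```shell
#!/bin/sh
# Added example: triage chkrootkit output using the status strings
# documented in its README.

# Constructed sample output, not taken from a real scan.
sample_output() {
cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `ls'... not infected
Checking `login'... INFECTED
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `inetd'... Vulnerable but disabled
Checking `sniffer'... not tested
EOF
}

# Print only the lines that need follow-up; return 1 if there are any.
# Matching is case-sensitive, so "not infected" is never reported.
chkrootkit_findings() {
    awk '
        /INFECTED/ || /Vulnerable but disabled/ { print; hits++ }
        END { exit (hits > 0) }
    '
}

# Count "Checking ..." lines per status, one "status=count" per line.
chkrootkit_summary() {
    awk '
        /^Checking / {
            status = "other"
            if      ($0 ~ /INFECTED/)                status = "INFECTED"
            else if ($0 ~ /Vulnerable but disabled/) status = "vulnerable_disabled"
            else if ($0 ~ /not infected/)            status = "not_infected"
            else if ($0 ~ /not tested/)              status = "not_tested"
            else if ($0 ~ /not found/)               status = "not_found"
            count[status]++
        }
        END { for (s in count) printf "%s=%d\n", s, count[s] }
    ' | sort
}

# On a real host (as root, in the unpacked source directory):
#   ./chkrootkit 2>&1 | chkrootkit_findings || echo "follow-up required"
sample_output | chkrootkit_summary
```

The non-zero return status of `chkrootkit_findings` makes it usable from cron or a monitoring wrapper that alerts only when a check reports a problem.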