eaeeb8f539
modified by me. chkrootkit is a tool to locally check for signs of a rootkit. It contains: * chkrootkit: a shell script that checks system binaries for rootkit modification. * ifpromisc.c: checks if the network interface is in promiscuous mode. * chklastlog.c: checks for lastlog deletions. * chkwtmp.c: checks for wtmp deletions. * check_wtmpx.c: checks for wtmpx deletions. (Solaris only) * chkproc.c: checks for signs of LKM trojans. * chkdirs.c: checks for signs of LKM trojans. * strings.c: quick and dirty strings replacement.
13 lines
534 B
Text
13 lines
534 B
Text
chkrootkit is a tool to locally check for signs of a rootkit. It
|
|
contains:
|
|
|
|
* chkrootkit: a shell script that checks system binaries for
|
|
rootkit modification.
|
|
* ifpromisc.c: checks if the network interface is in promiscuous
|
|
mode.
|
|
* chklastlog.c: checks for lastlog deletions.
|
|
* chkwtmp.c: checks for wtmp deletions.
|
|
* check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
|
|
* chkproc.c: checks for signs of LKM trojans.
|
|
* chkdirs.c: checks for signs of LKM trojans.
|
|
* strings.c: quick and dirty strings replacement.
|