4

rkhunter Linux security checker

view full story
linux-howto

http://unixmen.com – Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like: (HowTos)

kermossa's picture
Submitted by kermossa on 10/01/2009 – Made popular on 10/01/2009

Stories similar to rkhunter Linux security checker

Hi,

New Tool:

Fast and tiny CMS Wordpress Security scanner to find vulnerable plugins installed and to give related exploits details. Exploits found also for Wordpress version identified. Useful for Penetration Tests tasks and/or for Fun and Profit. Actual version count 240 security tests.

First Public Release: 18th Jun 2012

Author: Dr.

I have upgraded to 13.04 desktop. I run rkhunter and chkrootkit once every couple weeks and have never had a rootkit. However, after upgrading, I am showing this: Quote:

Searching for Suckit rootkit... Warning: /sbin/init INFECTED

This is the output from chkrootkit. I have upgraded 3 computers and all show the same.

[ubuntu] possible root kit 26 weeks 4 days ago

so today i decided to check up on my system. so i used rkhunter and got tons of warnings. then i tried chkrootkit and got nothing. ran

Code: rkhunter -u rkhunter -c and got the same warnings. so could this be a rootkit?

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. (...)Read the rest of Lynis – Security and system auditing tool (382 words)

© ruchi for Ubuntu Geek, 2013.

Beginner’s Guide to Nmap 3 years 11 weeks ago

Linux has a number of incredible security tools. Joe Brockmeier introduces nmap, one of the better security tools out there.

Excerpt:

Scanner not found 19 weeks 2 days ago

I recently installed Crunchbang on my desktop computer, which has been my scanning workhorse this far. I have an old Agfa Duoscan F40 flatbed scanner and on WinXP I used Vuescan, which also works on Linux, for all my scanning. After plugging in the scanner (USB) and turning it on, and launching Vuescan, the application doesn't detect the scanner.

I've got a centOS 6 64 bit server, and have installed rkhunter.

I spent some time running scans and tweaking things so that rkhunter throws up no warnings (e.g setting the PermitRootLogin var in /etc/rkhunter.conf to the same value as in my sshd.conf, and running rkhunter --propupd), however I still have one thing popping up in the logs:

872059-[10:57:36] Info: Starting test name 'hidden_ports'

Although Kaspersky Lab has done a lot of analysis on the worrisomely evolving TDSS malware, and has released its own rootkit killer, BitDefender has also come forth with its own TDL4 removal tool protection.