How to Check For Linux Rootkits - Linux Security Tutorial
admin on July 13th, 2008 | File Under Linux articles, Recommended
A rootkit is a set of binaries that overwrite the server binaries and are made to hide the presence and actions of the hacker.
If you notice any suspicious or out-of-the-ordinary activity, you will want to run a check for rootkits and also check for infected binaries.
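Because a rootkit works by replacing binaries, one basic check is to compare them against hashes recorded while the system was known to be clean. The script below is an added example, not part of the original tutorial and not RootKit Hunter's own code; the script name bincheck.sh and the paths in its usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: SHA-256 baseline of a directory of binaries (not rkhunter code).
# Store the baseline off the host, e.g. on read-only media: whoever can replace
# the binaries can also rewrite a baseline file kept beside them.

# make_baseline DIR OUT: write "hash  ./path" for every regular file under DIR.
make_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$2"
}

# check_baseline DIR BASELINE: print CHANGED/MISSING/NEW lines for DIR.
# Returns 0 when DIR matches the baseline, 1 when it differs, 2 on error.
check_baseline() {
    cur=$(mktemp) || return 2
    make_baseline "$1" "$cur" || { rm -f "$cur"; return 2; }
    report=$(awk '
        # Split "hash  ./path" into hash (h) and path ($0 after the sub).
        { h = $1; sub(/^[^ ]+  /, "") }
        FILENAME == ARGV[1] { old[$0] = h; next }   # baseline entries
        { seen[$0] = 1                              # current entries
          if (!($0 in old))      print "NEW " $0
          else if (old[$0] != h) print "CHANGED " $0 }
        END { for (p in old) if (!(p in seen)) print "MISSING " p }
    ' "$2" "$cur" | sort)
    rm -f "$cur"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Hypothetical usage (script name and paths are assumptions):
#   sh bincheck.sh baseline /usr/bin /mnt/usb/usr_bin.sha256
#   sh bincheck.sh check    /usr/bin /mnt/usb/usr_bin.sha256
case "${1:-}" in
    baseline) make_baseline "$2" "$3" ;;
    check)    check_baseline "$2" "$3" ;;
esac
```

A rootkit that hooks the kernel can show a running system the original file contents, so this comparison is most reliable when run from trusted rescue media against the mounted disk.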
A great tool for this is RootKit Hunter:
http://rootkit.nl/projects/rootkit_hunter.html
This will check for over 50 rootkits.
You can install that as follows:
Code:
wget http://internap.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.2.tar.gz
tar -xzvf rkhunter-1.3.2.tar.gz
cd rkhunter-1.3.2
./installer.sh --layout /usr/local --install
Now to run it type: