{"id":257,"date":"2005-04-10T20:24:11","date_gmt":"2005-04-11T01:24:11","guid":{"rendered":"https:\/\/www.suramya.com\/blog\/2005\/04\/10\/linux-rootkit-detection-tools\/"},"modified":"2007-07-27T10:57:19","modified_gmt":"2007-07-27T14:57:19","slug":"linux-rootkit-detection-tools","status":"publish","type":"post","link":"https:\/\/www.suramya.com\/blog\/2005\/04\/linux-rootkit-detection-tools\/","title":{"rendered":"Linux Rootkit detection tools"},"content":{"rendered":"\n<p>According to <a>Wikipedia<\/a>, a <a href='http:\/\/en.wikipedia.org\/wiki\/Rootkit'>root kit<\/a> is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes.<\/p>\n<p>It is pretty hard to detect a root kit using standard system tools so we need to use specialized detection programs. Below are links to software that detects rootkits in Linux:<\/p>\n<p><a href='http:\/\/freshmeat.net\/projects\/rkhunter'>Rootkit Hunter<\/a>:<\/p>\n<p>Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.<\/p>\n<p><a>chkrootkit<\/a>:<\/p>\n<p>chkrootkit is a tool to locally check for signs of a rootkit.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Wikipedia, a root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes. 
It is pretty hard to detect a root kit using standard system tools so we [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":""},"categories":[24,13],"tags":[],"class_list":["post-257","post","type-post","status-publish","format-standard","hentry","category-knowledgebase","category-linuxunix-related"],"_links":{"self":[{"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/posts\/257","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/comments?post=257"}],"version-history":[{"count":0,"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/posts\/257\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/media?parent=257"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/categories?post=257"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.suramya.com\/blog\/wp-json\/wp\/v2\/tags?post=257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}