Rootkit Hunter | Description
Rootkit scanner Project information
Rootkit scanner is a scanning tool that helps ensure, with about 99.9%* certainty, that your system is clean of nasty tools. It scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Rootkit Hunter is released as a GPL-licensed project and is free for everyone to use.
* No, not really 99.9%.. It's just another security layer
System requirements:
- Compatible operating system (see 'Supported operating systems')
- Bourne Again Shell (BASH)
Supported operating systems
Supported:
- Most Linux distributions
- Most *BSD distributions
Currently unsupported:
- NetBSD
Tested on:
- AIX 4.1.5 / 4.3.3
- ALT Linux
- Aurora Linux
- CentOS 3.1 / 4.0
- Conectiva Linux 6.0
- Debian 3.x
- FreeBSD 4.3 / 4.4 / 4.7 / 4.8 / 4.9 / 4.10
- FreeBSD 5.0 / 5.1 / 5.2 / 5.2.1 / 5.3
- Fedora Core 1 / Core 2 / Core 3
- Gentoo 1.4, 2004.0, 2004.1
- Macintosh OS 10.3.4-10.3.8
- Mandrake 8.1 / 8.2 / 9.0-9.2 / 10.0 / 10.1
- OpenBSD 3.4 / 3.5
- Red Hat Linux 7.0-7.3 / 8 / 9
- Red Hat Enterprise Linux 2.1 / 3.0
- Slackware 9.0 / 9.1 / 10.0 / 10.1
- SME 6.0
- Solaris (SunOS)
- SuSE 7.3 / 8.0-8.2 / 9.0-9.2
- Ubuntu
- Yellow Dog Linux 3.0 / 3.01
Confirmed to work also on:
- CLFS
- DaNix (Debian clone)
- PCLinuxOS
- VectorLinux SOHO 3.2 / 4.0
- CPUBuilders Linux
- Virtuozzo (VPS)
Extra information
'Supported' rootkits/backdoors/LKM's/worms:
- 55808 Trojan - Variant A
- ADM W0rm
- AjaKit
- aPa Kit
- Apache Worm
- Ambient (ark) Rootkit
- Balaur Rootkit
- BeastKit
- beX2
- BOBKit
- CiNIK Worm (Slapper.B variant)
- Danny-Boy's Abuse Kit
- Devil RootKit
- Dica
- Dreams Rootkit
- Duarawkz Rootkit
- Flea Linux Rootkit
- FreeBSD Rootkit
- Fuck`it Rootkit
- GasKit
- Heroin LKM
- HjC Rootkit
- ignoKit
- ImperalsS-FBRK
- Irix Rootkit
- Kitko
- Knark
- Li0n Worm
- Lockit / LJK2
- mod_rootme (Apache backdoor)
- MRK
- Ni0 Rootkit
- NSDAP (RootKit for SunOS)
- Optic Kit (Tux)
- Oz Rootkit
- Portacelo
- R3dstorm Toolkit
- RH-Sharpe's rootkit
- RSHA's rootkit
- Scalper Worm
- Shutdown
- SHV4 Rootkit
- SHV5 Rootkit
- Sin Rootkit
- Slapper
- Sneakin Rootkit
- Suckit
- SunOS Rootkit
- Superkit
- TBD (Telnet BackDoor)
- TeLeKiT
- T0rn Rootkit
- Trojanit Kit
- URK (Universal RootKit)
- VcKit
- Volc Rootkit
- X-Org SunOS Rootkit
- zaRwT.KiT Rootkit
and... some known/unknown sniffers, backdoors like:
- Anti Anti-sniffer
- LuCe LKM
- THC Backdoor
Project related documentation
- Rootkit Hunter FAQ (including installation): http://www.rootkit.nl/articles/rootkit_hunter_faq.html
- Scanning techniques: http://www.rootkit.nl/articles/rootkit_scanning_techniques.html
- Rootkit Hunter Changelog: http://www.rootkit.nl/articles/rootkit_hunter_changelog.html
- Announce mailing list and project page: http://freshmeat.net/projects/rkhunter
Page last updated at 28 May 2008
Project members
- Michael Boelen - Project founder
- Rootkit Hunter team
Downloads
1.3.2 - Latest release (rkhunter-1.3.2.tar.gz)
Rootkit Hunter Details
| Latest version | 1.3.2 |
| Language | Shell script |
| License | GPL |