RepoView: Fedora 9

Jump to letter: [ 8 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]

chkrootkit - Tool to locally check for signs of a rootkit

Website:	http://www.chkrootkit.org
License:	BSD-like
Vendor:	Fedora Project

Description:

chkrootkit is a tool to locally check for signs of a rootkit.
It contains:

 * chkrootkit: shell script that checks system binaries for
   rootkit modification.
 * ifpromisc: checks if the network interface is in promiscuous mode.
 * chklastlog: checks for lastlog deletions.
 * chkwtmp: checks for wtmp deletions.
 * chkproc: checks for signs of LKM trojans.
 * chkdirs: checks for signs of LKM trojans.
 * strings: quick and dirty strings replacement.
 * chkutmp: checks for utmp deletions.

Packages

chkrootkit-0.48-6.fc9.i386 [309 KiB]

Changelog by Michael Schwendt (2008-03-18):

- Delete the "suspect PHP files" check. Not only does it trigger
  SIGPIPE for file names which contain special unescaped characters,
  the second half is doubtful (it doesn't print any filenames and
  gets confused by binary file contents).

Listing created by Repoview-0.6.2-1.fc9