LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Blogs
Reload this Page unSpawn
User Name
Password

Notices

Old

Rootkit Hunter reissue of 1.4.0 release (ALLOWDEVFILE)

Posted 05-01-2012 at 11:02 AM by unSpawn
Please note we've found an error with usage of exclamation points in an ALLOWDEVFILE check.
We have corrected this and have reissued 1.4.0.

NEW RELEASE SHA1: 48798beec504c00af93bf64b6e35dfc7d7aaff07
old release SHA1: 22546370647b79abce783d2a2d29352843d1b617


Apologies for the inconvenience,
unSpawn
---
Moderator
Posted in Uncategorized
Views 681 Comments 0 unSpawn is offline
Old

Rootkit Hunter release 1.4.0

Posted 04-30-2012 at 07:11 PM by unSpawn
Updated 04-30-2012 at 07:12 PM by unSpawn
Rootkit Hunter 1.4.0 release is here thanks to John Horne and all contributors who provided code, submitted ideas, bugs, fixes, documentation, helped out on the rkhunter-users mailing list and promoted Rootkit Hunter.

New:

- Added the '--list propfiles' command-line option. This will dump out the list of filenames that will be searched for when building the file properties database. By default the list is not shown if just '--list' is used.
- Added Jynx rootkit...
Continue reading...
Moderator
Posted in Uncategorized
Views 653 Comments 0 unSpawn is offline
Old

Rootkit Hunter alternative for suspscan

Posted 07-25-2011 at 06:16 PM by unSpawn
I've been mulling (yes, mulling) replacements for RKH's suspscan for a while now. Suspscan was an experiment to see if there could be a more generic, less name-based way of finding malware. The resultant monstrosity is resource-intensive, impossible to configurable and rarely used. Researching something else (as usual) I came across this rather good presentation (PDF) about creating ones own AV signatures: Writing ClamAV Signatures and not long after that I found R-fx Networks' Linux Malware Detect....
Continue reading...
Moderator
Posted in Uncategorized
Views 1056 Comments 0 unSpawn is offline
Old

Rootkit Hunter 1.3.8 release

Posted 11-16-2010 at 07:48 PM by unSpawn
The Rootkit Hunter project team is pleased to announce the release of Rootkit Hunter 1.3.8.

The change log lists 24 bug fixes, 29 changes and 18 new items. Naming a few:

* Whitelist rootkit strings (RTKT_FILE_WHITELIST).
* Whitelist items not always present (EXISTWHITELIST).
* Whitelist combined pathname and port number (PORT_WHITELIST).
* Added Whirlpool and Ripemd160 hashes to file properties check.
* Support for DragonFly...
Continue reading...
Moderator
Posted in Uncategorized
Views 887 Comments 0 unSpawn is offline
Old

Rootkit Hunter 1.3.8 release imminent...

Posted 10-31-2010 at 10:40 AM by unSpawn
It time again for another release. But before we can I need you to test it in the coming two weeks. Please spare us a few minutes if you care. After testing please reply so we get an idea of how many people tested this release.

Here is a short checklist:
1) Does RKH install correctly?
2) Does 'rkhunter -C' show rkhunter.conf is OK? (Re-run after making changes.)
3) Does '--update' work?
4) Does '--versioncheck' work?
5) Does '--propupd' pick up...
Continue reading...
Moderator
Posted in Uncategorized
Views 761 Comments 0 unSpawn is offline
Page 1 of 3 1 23

  



All times are GMT -5. The time now is 06:59 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu

My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration