Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
First off: wellness to all. It's been a while since I was here last, so it is a "comming home"...
Okay. The "it" is out there, and to keep it out THERE, some tools are needed. One of these is chrootkit.
Anyone with some experience here? Is it any good? I use Arch Linux behind a private router. There is a fire wall and yes, I have f-prot installed and let it loose on the drive from time to time.
But then there are the rootkits. Is Chrootkit any good in the fight against rootkits?
It's actually chkrootkit with a 'k'. Your question prompted me to run it - haven't done so for a while. As usual, it found nothing, which is great.
Sounds as though you've got good security, but I can't see what harm it can do to run it from time to time; but as I say, it's never found anything on my box.
Thanks for the reassuring reply...I may (indeed) have misspelled something, but I suspect you know what this is about.
My question stems from the changelog...
Snippet (look at the date of the last entry)
Minor bug fixes.
09/30/2009 - Version 0.49 new tests: Mac OS X OSX.RSPlug.A. Enhanced
tests: suspicious sniffer logs, suspicious
PHP files, shell history file anomalies.
Bug fixes in chkdirs.c, chkproc.c and
That seems as if development froze in time somewhere...or am I mistaken... :/
By the way, it's not in the Arch repo...dunnow about the others...
I can't comment on the snippet you posted. Maybe there's not been a lot of activity on the part of the black hats, either.
There's also rkhunter if you're interested. Don't know if it's on the Arch repo.
None of these are in the repo, though I do recall chrootkit being in there...the fact it's not (anymore) makes me uneasy as to the future of chrootkit.
Maybe I'll have to look outside the repo, for this once...