Jump to content

rkhunter

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Sephiroth storm (talk | contribs) at 01:11, 8 August 2016 (See also: added Lynis ~~~~). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

rkhunter
Stable release
1.4.2 / 24 February 2014; 10 years ago (2014-02-24)
Repository
Written inBourne shell, Perl
Operating systemUnix-like
Typerootkit detector
LicenseGNU General Public License
Websiterkhunter.sourceforge.net

rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.

The tool has been written in Bourne shell, to allow for portability. It can run on almost all UNIX-derived systems.

Development

In 2003, developer Michael Boelen released the version of Rootkit Hunter. After several years of development, early 2006, he agreed to hand over development to a development team. Since that time eight people have been working to set up the project properly and work towards the much-needed maintenance release. The project has since been moved to SourceForge.

See also

References