http://wiki.christophchamp.com/index.php?action=history&feed=atom&title=Chkrootkit
Chkrootkit - Revision history
2026-04-30T16:37:57Z
Revision history for this page on the wiki
MediaWiki 1.26.2
http://wiki.christophchamp.com/index.php?title=Chkrootkit&diff=6100&oldid=prev
Christoph: /* External links */
2014-08-13T11:03:21Z
<p><span dir="auto"><span class="autocomment">External links</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 11:03, 13 August 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l39" >Line 39:</td>
<td colspan="2" class="diff-lineno">Line 39:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>==External links==</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>==External links==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* [http://www.chkrootkit.org/ Official website]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* [http://www.chkrootkit.org/ Official website]</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">* [https://community.rackspace.com/general/f/34/t/75 Investigating Compromised Servers]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Linux Command Line Tools]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Linux Command Line Tools]]</div></td></tr>
</table>
Christoph
http://wiki.christophchamp.com/index.php?title=Chkrootkit&diff=6099&oldid=prev
Christoph: /* See also */
2014-08-13T11:03:01Z
<p><span dir="auto"><span class="autocomment">See also</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 11:03, 13 August 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l34" >Line 34:</td>
<td colspan="2" class="diff-lineno">Line 34:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>==See also==</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>==See also==</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* [<del class="diffchange diffchange-inline">http://rkhunter.sourceforge.net </del>rkhunter]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* [<ins class="diffchange diffchange-inline">[</ins>rkhunter]<ins class="diffchange diffchange-inline">]</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">* maldet</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>==External links==</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>==External links==</div></td></tr>
</table>
Christoph
http://wiki.christophchamp.com/index.php?title=Chkrootkit&diff=5929&oldid=prev
Christoph: New page: This article will explain how to scan for rootkits with <code>chkrootkit</code>. A rootkit is a stealthy type of software, typically malicious, designed to hide the ...
2013-11-11T09:00:24Z
<p>New page: This article will explain how to scan for <a href="http://en.wikipedia.org/wiki/rootkit" class="extiw" title="wikipedia:rootkit">rootkits</a> with <code>chkrootkit</code>. A rootkit is a stealthy type of software, typically malicious, designed to hide the ...</p>
<p><b>New page</b></p><div>This article will explain how to scan for [[:wikipedia:rootkit|rootkits]] with <code>chkrootkit</code>. A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.<br />
<br />
==Installing <code>chkrootkit</code>==<br />
<br />
$ wget <nowiki>ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz</nowiki><br />
$ wget <nowiki>http://www.reznor.com/tools/chkrootkit.md5</nowiki><br />
$ md5sum chkrootkit.tar.gz<br />
<br />
Make sure the <code>md5sum</code> matches <code>chkrootkit.md5</code>.<br />
<br />
$ tar xvfz chkrootkit.tar.gz<br />
$ cd chkrootkit-0.47<br />
$ make sense<br />
<br />
Note: If that <code>`make sense`</code> command returns something like "<code>/usr/bin/ld: cannot find -lc</code>", you need to have the <code>glibc-static</code> package installed on your machine.<br />
<br />
==Running <code>chkrootkit</code>==<br />
Now that you have it installed on your machine, the easiest way to scan your machine for rootkits is like so:<br />
sudo ./chkrootkit<br />
<br />
Check for any warning messages.<br />
<br />
==Automate the scan==<br />
<br />
To automate this task with a cron job, enter the root crontab configuration:<br />
<br />
sudo crontab -e<br />
<br />
The recommended method (from the [http://www.chkrootkit.org/ chkrootkit website]) is as follows:<br />
<br />
0 3 * * * (cd /home/demo/sources/chkrootkit-0.49; ./chkrootkit 2>&1 | mail -s "chkrootkit output" admin@yourdomain.com)<br />
<br />
That will run the command at 3am every day and, providing you have <code>`mail`</code> installed and configured, email the results to the specified address.<br />
<br />
==See also==<br />
* [http://rkhunter.sourceforge.net rkhunter]<br />
<br />
==External links==<br />
* [http://www.chkrootkit.org/ Official website]<br />
<br />
[[Category:Linux Command Line Tools]]</div>
Christoph