Version 0.45 of chkrootkit
Release Notes: A chkutmp.c program that displays users that may have wiped themselves from the utmp log was added. chkproc.c now has better support for Linux threads. A new chkutmp test was added to chkrootkit, and Fu, Kenga3, and ESRK can now be detected.
Other releases
Release Notes: New tests were added for common SSH brute force scanners and suspicious PHP files. The tests for login, netstat, top, and backdoor were enhanced. Some minor bugs were fixed.
Release Notes: A chkutmp.c program that displays users that may have wiped themselves from the utmp log was added. chkproc.c now has better support for Linux threads. A new chkutmp test was added to chkrootkit, and Fu, Kenga3, and ESRK can now be detected.
No changes have been submitted for this release.
Release Notes: C++ comments have been removed from chkproc.c. New rootkits detected: AjaKit and zaRwT. New CGI backdoors are detected. ifpromisc.c has better detection of promiscuous mode on newer Linux kernels. There is a new command line option (-n) to skip NFS-mounted directories. There are minor bug corrections.
Release Notes: There is a fix for NPTL threading mechanisms, minor corrections, chkrootkit, a new test (vdir), detection of the worms 55808.A and TC2, and detection of the rootkits Volc, Gold2, Anonoying, Suckit (improved), and ZK (improved).
