Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, sniffers, and malware. The application consists of the main shell script, a few text-based databases, and optional Perl scripts. It can recognise and run external applications like 'skdet' and 'unhide'. It should run on almost every Unix clone.
|Tags||Systems Administration Monitoring Security|
Release Notes: This release adds eleven bugfixes, seven changes, and five new items.
Release Notes: This release offers more ease of use and improved checks. The changelog lists 29 additions including 9 configuration options and details for 12 rootkits, 29 changes including improvements for 15 rootkit checks, and 22 bugfixes.
Release Notes: IntoXonia-NG and Phalanx2 rootkit checks were added. Support for TCB shadow files was added. The "--propupd" option can now take an optional file, directory, or package name after it. The file properties inode check was revised. SSH configuration file tests accept key/value pairs. The Linux "os_specific" test has been split into two separate tests. The DBDIR directory can now be read-only. The ALLOWPROCDELFILE configuration option was improved. The check for hidden files and directories was improved.
Release Notes: This is the final release of version 1.3.0. 30 new features were added. 47 changes and 16 bugfixes were made.
Release Notes: Given the timeframe between releases, the changelog is packed listing 34 new features, 47 changes, and 16 bugfixes. A new option '--propupd' replaces 'hashupd.sh'. A new option '--pkgmgr' supports RPM, dpkg, and BSD-style package managers. Support has been added for Ubuntu, 'dash' and 'ash' shells. Internationalization (i18n) has been added. New options '--enable' and '--disable' to specify which tests are run or ignored. Support for Solaris 10 inetadm. More whitelisting options.