HOME

TheInfoList



OR:

rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with ''known good'' ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and
FreeBSD FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...
. rkhunter is notable due to its inclusion in popular operating systems (Fedora, Debian, etc.) The tool has been written in
Bourne shell The Bourne shell (sh) is a Shell (computing), shell Command-line interface#Command-line interpreter, command-line interpreter for computer operating systems. The Bourne shell was the default Unix shell, shell for Version 7 Unix. Unix-like syste ...
, to allow for
portability Portability may refer to: *Portability (social security), the portability of social security benefits * Porting, the ability of a computer program to be ported from one system to another in computer science ** Software portability, the portability ...
. It can run on almost all UNIX-derived systems.


Development

In 2003, developer Michael Boelen released the version of Rootkit Hunter. After several years of development, early 2006, he agreed to hand over development to a development team. Since that time eight people have been working to set up the project properly and work towards the much-needed maintenance release. The project has since been moved to SourceForge.


See also

*
chkrootkit chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core syste ...
*
Lynis Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security de ...
*
OSSEC OSSEC (Open Source HIDS SECurity) is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It pro ...
* Samhain (software) * Host-based intrusion detection system comparison *
Hardening (computing) In computer security, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpos ...
* Linux malware * MalwareMustDie * Rootkit


References


External links

*
Old rkhunter web page
Computer security software Unix security-related software Rootkit detection software {{Unix-stub