HOME

TheInfoList



Click Here for Items Related To - Rkhunter
OR:
Rkhunter on:   [Wikipedia]   [Google]   [Amazon]

rkhunter (Rootkit Hunter) is a
Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, a ...
-based tool that scans for
rootkit A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the exis ...
s, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with ''known good'' ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which i ...
and
FreeBSD FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...
. rkhunter is notable due to its inclusion in popular operating systems (Fedora, Debian, etc.) The tool has been written in
Bourne shell The Bourne shell (sh) is a shell command-line interpreter for computer operating systems. The Bourne shell was the default shell for Version 7 Unix. Unix-like systems continue to have /bin/sh—which will be the Bourne shell, or a symbolic link ...
, to allow for
portability Portability may refer to: *Portability (social security), the portability of social security benefits * Porting, the ability of a computer program to be ported from one system to another in computer science ** Software portability, the portability ...
. It can run on almost all UNIX-derived systems.


Development

In 2003, developer Michael Boelen released the version of Rootkit Hunter. After several years of development, early 2006, he agreed to hand over development to a development team. Since that time eight people have been working to set up the project properly and work towards the much-needed maintenance release. The project has since been moved to
SourceForge SourceForge is a web service that offers software consumers a centralized online location to control and manage open-source software projects and research business software. It provides source code repository hosting, bug tracking, mirrori ...
.


See also

* chkrootkit *
Lynis Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security defe ...
* OSSEC * Samhain (software) * Host-based intrusion detection system comparison *
Hardening (computing) In computer security, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpos ...
* Linux malware * MalwareMustDie *
Rootkit A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the exis ...


References


External links

*
Old rkhunter web page
Computer security software Unix security-related software Rootkit detection software {{Unix-stub