Chkrootkit: Difference between revisions

From charlesreid1

m (Bot: Orphan page, add template)
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
{{Orphan|date=April 2017}}
Sam Liston (Univ. of Utah CHPC) provided the following link to a rootkit-checking kit:
Sam Liston (Univ. of Utah CHPC) provided the following link to a rootkit-checking kit:


Line 53: Line 52:


{{Programs}}
{{Programs}}
[[Category:Security]]
[[Category:Rootkits]]

Latest revision as of 10:07, 17 April 2017

Sam Liston (Univ. of Utah CHPC) provided the following link to a rootkit-checking kit:

ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

Installation

Mac

The README contains installation instructions. However, to run chkrootkit, you will first have to build it. To get chkrootkit built on the Mac, you will have to change one line in the Makefile. Look for the following lines: 

###
### Mac OS X
###
# If you have Mac OS X, uncomment the next line
#STATIC =

and uncomment the STATIC line, so you should now have: 

###
### Mac OS X
###
# If you have Mac OS X, uncomment the next line
STATIC =

Then you can follow the rest of the instructions in the README and build using the command 

$ make sense

Usage

Chkrootkit is straightforward to use. Run this command from wherever you built it: 

$ ./chkrootkit

If you want to create a log file from chkrootkit, you can run it like this: 

$ ./chkrootkit -x > /path/to/custom/logfile

The README has more information.

Retrieved from "https://charlesreid1.com/w/index.php?title=Chkrootkit&oldid=16815"