Chkrootkit
From charlesreid1
Sam Liston (Univ. of Utah CHPC) provided the following link to a rootkit-checking kit:
ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
Installation
Mac
The README contains installation instructions. However, to run chkrootkit, you will first have to build it. To get chkrootkit built on the Mac, you will have to change one line in the Makefile. Look for the following lines:
###
### Mac OS X
###
# If you have Mac OS X, uncomment the next line
#STATIC =
and uncomment the STATIC line, so you should now have:
###
### Mac OS X
###
# If you have Mac OS X, uncomment the next line
STATIC =
Then you can follow the rest of the instructions in the README and build using the command
$ make sense
Usage
Chkrootkit is straightforward to use. Run this command from wherever you built it:
$ ./chkrootkit
If you want to create a log file from chkrootkit, you can run it like this:
$ ./chkrootkit -x > /path/to/custom/logfile
The README has more information.
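The Mac procedure above (uncomment STATIC, build, run with a log) can be scripted. This is an added example, not part of the original page or of the chkrootkit distribution; the function name enable_mac_static and the --run wrapper are assumptions made for illustration. The edit is limited to the "### Mac OS X" block so that any other STATIC assignment in the Makefile is left alone.

```shell
#!/bin/sh
# Added example: automate the Makefile edit described above, then build and scan.

# enable_mac_static MAKEFILE
# Uncomments "#STATIC =" inside the "### Mac OS X" block only.
# Returns 0 if the line is now (or already was) uncommented,
# 1 if the block has no STATIC line; the file is then left untouched.
enable_mac_static() {
    mk=$1
    [ -f "$mk" ] || { echo "no such file: $mk" >&2; return 1; }
    tmp=$(mktemp) || return 1
    if ! awk '
        # A "### <name>" header opens a platform block; track whether it is the Mac one.
        /^### +[^ ]/ { in_mac = ($0 ~ /Mac OS X/) }
        # Inside the Mac block, strip the leading "#" from the STATIC line.
        in_mac && /^#?STATIC *=/ { sub(/^#/, ""); found = 1; in_mac = 0 }
        { print }
        END { exit (found ? 0 : 1) }
    ' "$mk" > "$tmp"; then
        rm -f "$tmp"
        echo "no STATIC line found under '### Mac OS X' in $mk" >&2
        return 1
    fi
    # cp (not mv) keeps the original file's permissions and ownership.
    cp "$tmp" "$mk" && rm -f "$tmp"
}

# Full procedure, run only when asked for explicitly:
#   sh build_chkrootkit.sh --run /path/to/chkrootkit-source /path/to/custom/logfile
if [ "${1:-}" = "--run" ]; then
    src=${2:?usage: --run SOURCE_DIR LOGFILE}
    log=${3:?usage: --run SOURCE_DIR LOGFILE}
    cd "$src" || exit 1
    enable_mac_static Makefile || exit 1
    make sense || exit 1
    ./chkrootkit -x > "$log"
    echo "chkrootkit output written to $log"
fi
```

Running the function a second time leaves the Makefile unchanged, so the script is safe to re-run after a failed build.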