[ Main ] [ Home ] [ Work ] [ Code ] [ Rants ] [ Readings ] [ Links ]
{Latest update: 14 August 2003}

What is it?

Chkrootkit is a tool to locally check for signs of a rootkit. It is capable of detecting some important rootkits, worms and LKMs such as the Ramen worm, the Adore LKM, t0rn or the dsc-rootkit. It has been successfully tested on Linux 2.0.x, Linux 2.2.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD, and even several versions of Solaris. You will find more information at their website.

Requirements

Check out the chkrootkit website for more information. I've successfully run it on Red Hat Linux 6.2, if that helps.

How to install and configure

To install the RPM packages I provide here, simply download the file to your hard drive, log in as root, and run:
rpm -Uvh [packagename]

Other information

Check out the chkrootkit website for more information on future improvements, license information, a short FAQ that clarifies what the program is good for, mailing lists, etc.

Download

The chkrootkit program was developed by Pangeia Informatica in Brazil (watch out, the server is quite slow!). I simply put together the RPM packages.

Here are the latest RPMs I packaged:

chkrootkit-0.39a-1.i386.rpm
chkrootkit-0.39a-1.i586.rpm
chrootkit-0.39a-1.i686.rpm
chkrootkit-0.39a-1.athlon.rpm
chrootkit-0.39a-1.src.rpm
chkrootkit_0.39a-2_i386.deb (a newer release exists for unstable, I believe)