CERN IT Department CERN Linux
CERN Tux

LinuxSoft Installation and Repository Service


Letter R

rkhunter - rkhunter scans for rootkits, backdoors and local exploits

Website: http://rkhunter.sourceforge.net/
License: GPL
Vendor: Scientific Linux CERN, http://cern.ch/linux
Description:
Rootkit scanner is [a] scanning tool to ensure you for about 99.9% you're
clean of nasty tools. This tool scans for rootkits, backdoors and local
exploits by running tests like:
	- MD5 hash compare
	- Look for default files used by rootkits
	- Wrong file permissions for binaries
	- Look for suspected strings in LKM and KLD modules
	- Look for hidden files
	- Optional scan within plaintext and binary files
	- Software version checks
	- Application tests

Rootkit Hunter is released as a GPL licensed project and free for
everyone to use.

  ********
This version has been customized/patched for CERN, and includes a
(patched) copy of "unhide" by yjesus AT security-projects.com

This version currently sends reports back to CERN, to evaluate for
false positives. If you do not want this, please don't install it.

Packages

rkhunter-1.3.4-5test.cern.i386 [747 KiB] Changelog by Jan Iven (2009-03-19):
- handle osinfo changes automatically, instead of carping
- unhide: multithreaded zombies don't show up in "ps axH" (but do in "ps ax", so are not hidden)
- network: only warn for connections *to* evil ports, not *from* them.

Listing created by Repoview-0.6.2-1.1.el5