Use chkrootkit to fight against rare (but always possible) rootkits on your Linux PCs!


This week, in our Linux Page (in Spanish), we would like to focus your attention on chkrootkit, an interesting software for Linux which can really help you to detect malicious rootkits on your Linux PC. Unfortunately, the last update we have found on the chkrootkit homepage is dated December 2007 but we hope to see a new release during the 2009. To check if you have chkrootkit already installed, type chkrootkit on you Terminal:

desktop:~$ chkrootkit

and you certainly will receive this message:
The program ‘chkrootkit’ is currently not installed.  You can install it by typing:
sudo apt-get install chkrootkit

Follow the above instructions and you will be ready to execute the software just typing:

sudo chkrootkit

Please, note that, at our first scan on Ubuntu 8.10, we found a false positive:

Checking `sniffer’… lo: not promisc and no packet sniffer sockets

eth0: PACKET SNIFFER(/sbin/dhclient3[4835])

Do not worry! This (unfortunately frequent) false positive has already been discussed by the community at

http://ubuntuforums.org/showthread.php?t=556517

and

http://ubuntuforums.org/showthread.php?t=270340

If you know other good anti-rootkits, please be so kind, to add a comment on this post. We are really interested to discover new “security software” (especially anti-rootkit) for Linux machines! AddThis mp3 link

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s