Rootkit Hunter is a Unix-primarily based scanning tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of vital files with known good ones in online database, looking for default directories (of rootkits), improper permissions, hidden records data, suspicious strings in kernel modules and particular tests for Linux or FreeBSD. Most instances rootkits are self-hiding toolkits utilized by blackhats, crackers and script kiddies, to keep away from the attention of the system admin. If you’re unsure as to whether your system is compromised, you will get a second opinion from sources such as Linux-oriented forum. If your system is contaminated with a rootkit, cleaning it up will not be an option. Restoring can be not an option unless you might be expert, and have autonomous and an impartial means of verifying that the backup is clear, and does not include misconfigured or stale software. Never trust a potentially compromised machine! Basically a clean install of the OS is always advisable after backing up the system.
Last May, in our Linux Page (in Spanish), we posted some suggestions about a basic security package for Linux. After less than one year we are back on this topic also because more than something has changed. As you know, Linux is the safer OS you can use today: specific Linux viruses are few and malware is rare but with the increasing of users some threads are becoming real. For this reason, I strongly believe that nowadays a firewall, like Firestarter, is not enough and we all need also a good antivirus and Moblock: the program which allows to use the Peer Guardian lists on Ubuntu protecting your privacy. Today, in our Linux package we’ve posted a short updated manual where we explain how to install a firewall (Firestarter), an antivirus (ClamAV) and a P2P stealth (Moblock). We have tested all this software on a Ubuntu 7.10 without relevant problems; the combined use of this triplet is strongly recommended for people who desire to preserve their data and privacy. Read us!